From owner-freebsd-security  Mon Dec 16 00:46:31 1996
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id AAA13089
          for security-outgoing; Mon, 16 Dec 1996 00:46:31 -0800 (PST)
Received: from ns.cs.hku.hk (ns.cs.hku.hk [147.8.178.10])
          by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id AAA13084
          for <security@freebsd.org>; Mon, 16 Dec 1996 00:46:26 -0800 (PST)
Received: from champion (champion.cs.hku.hk) by ns.cs.hku.hk  with SMTP id AA01300
	(5.67b/IDA-1.5 for <security@freebsd.org>)
	Mon, 16 Dec 1996 16:45:21 +0800
Received: by champion (4.1/S2.0-sunos4)
	id AA01860; Mon, 16 Dec 96 16:45:04 HKT
Date: Mon, 16 Dec 1996 16:45:03 +0800 (HKT)
From: Doug Kwan ~{9XUq5B~} <ctkwan@cs.hku.hk>
To: Petri Helenius <pete@sms.fi>
Cc: security@freebsd.org
Subject: Re: mail bomb! 
In-Reply-To: <199612160617.IAA03360@silver.sms.fi>
Message-Id: <Pine.SUN.3.91.961216164217.1685A-100000@champion>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hello Pete,

On Mon, 16 Dec 1996, Petri Helenius wrote:

> Have you ever considered using PGP signatures to verify the
> authtenticity of your postings. If the neccessity of verifying the
> signature would be informed at signup time, it would be the 'user's
> fault' if he/she would believe the message without verifying it.

Most ISP's have customers who are not computer gurus. Asking them
to use PGP to verify all our messages would not be a good idea. Anyway
we would take your advice to digitally sign all our messages. 

Thanx

-Doug