Matt Whitlock [ARCHIVE] on Nostr: 📅 Original date posted:2014-09-15 📝 Original message:On Monday, 15 September ...
📅 Original date posted:2014-09-15
📝 Original message:On Monday, 15 September 2014, at 5:10 pm, Thomas Zander wrote:
> So for instance I start including a bitcoin public key in my email signature.
> I don't sign the emails or anything like that, just to establish that everyone
> has my public key many times in their email archives.
> Then when I need to proof its me, I can provide a signature on the content
> that the requester wants me to sign.
That would not work. You would need to sign your messages. If you were merely attaching your public key to them, then the email server could have been systematically replacing your public key with some other public key, and then, when you would later try to provide a signature, your signature would not verify under the public key that everyone else had been seeing attached to your messages.
📝 Original message:On Monday, 15 September 2014, at 5:10 pm, Thomas Zander wrote:
> So for instance I start including a bitcoin public key in my email signature.
> I don't sign the emails or anything like that, just to establish that everyone
> has my public key many times in their email archives.
> Then when I need to proof its me, I can provide a signature on the content
> that the requester wants me to sign.
That would not work. You would need to sign your messages. If you were merely attaching your public key to them, then the email server could have been systematically replacing your public key with some other public key, and then, when you would later try to provide a signature, your signature would not verify under the public key that everyone else had been seeing attached to your messages.