It's also used heavily in FOSS development to verify authenticity of developer communications. On Mon, Jan 27, 2020 at 02:38:47PM -0500, Tim Keller via WLUG wrote:
The argument for pgp signing your emails is that it makes it harder for others to spoof your email address.
If I send you an email signed with my private key and the public version of my key is a place where your email client can access it, your email client can validate that the email originated from me.
John> I've never found a personal need for this myself.
Lucky you that you've never had your email address harvested from a public list and then used to spam lots of people...
Tim.
On Mon, Jan 27, 2020 at 2:30 PM John Stoffel <john@stoffel.org> wrote:
> "Tim" == Tim Keller via WLUG <wlug@lists.wlug.org> writes:
Tim> That would be a fantastic idea. I think part and parcel with Tim> doing the Keysigning should be a presentation on how to Tim> actually use the PGP key you've now created... How do you Tim> integrate your key into gmail / etc.
All I've ever heard about PGP signing emails is "Don't", even from the PGP creator, supposedly. But maybe I'm wrong and someone giving a good presentation (any CS classes on security who would be interested in joining for this talk?) would be nice.
I've never found a personal need for this myself.