THE PGP-USERS LIST (AND PGP-USERS-DIGEST)

• About the List:

  (Pretty Good Privacy) is a sophisticated encryption program written by Philip Zimmermann and commercially developed at this time by Networks Associates Inc. (NAI, purchasers of the original developers, PGP, Inc.). PGP is utilized by many to encrypt personal or sensitive communications sent over the Internet or otherwise and files kept on computers. Encryption insures the privacy of such communications and sensitive data, both personal and business related. PGP also allows e-mails and files to be signed with digital signatures, insuring that the communication has not been tampered with subsequent to its signing and preventing the author from repudiating the communication in question. The PGP-users list has been established for several reasons including:
  • the discussion of technical issues surrounding the use of the PGP (i.e., how do I do this or that)
  • as a forum for a multitude of privacy related issues such as:
    • the use of anonymous re-mailers
    • export controls
    • the political aspectsof privacy and
    • government or quasi-government key-escrow.
    (Be forewarned, however, that it is presumed, before you post, that you have at least tried to find the answer in the exhaustive PGP manual which accompanies the program and the PGP FAQ before looking for an answer via the list.) While there is intended to be a technical bent to the PGP-users list, the list is not intended to be a highly technical forum for cryptology (try the pgp-sdk list or cypherpunks for that sort of discussion.)

• Good things to do on this list:

  • Apply copious amounts of common sense, just because something isn't explicitly against the rules doesn't mean you should do it. For the most part, I expect list members to behave professionally and respect other members.
  • Prune out quoted text down to the minimal needed for the context of your reply.
  • Be thoughtful in your reply. PGP-Users is very busy and so are most of it's subscribers. Please don't waste bandwidth. Send private email unless the answer really would be of interest to a large number of subscribers (e.g., answers to simple/common questions generally aren't of wide interest). List Prohibitions:
  • Advertising on the list is strictly prohibited and will result in the violator(s) removal from the list. This is intended to be a discussion forum, not a commercial one, although incidental discussion of PGP using products is permitted.
  • PGP encrypted messages are also prohibited on the list and should be restricted to private e-mail (where they are, of course, encouraged) or the alt.anonymous newsgroup on Usenet.
  • ONLY POST IN PLAIN TEXT. Posting messages in HTML format is prohibited. Many of the users on the list cannot read such posts and it is annoying to those who do not have this capability. In fact, with our newest mailing list software, messages not in plain text are automatically rejected, so there is no reason to even try this.
  • DO NOT POST 'TEST' MESSAGES. A message like 'is this thing working?', or 'how come I haven't received any posts?' or 'did this get through to the list' (check the archives first!)not only wastes a tremendous amount of resources but makes you look foolish in from of 2000+ people. If you have a problem, notify the list-owner". I'm the only one that can fix the problem anyway and if it's broken then we don't need a !%^$#@@!! test message (can you tell it's a pet peeve of mine? :-) I'll probably be giving you a hard time if you do this. A very hard time.
  • DON'T SEND SUBSCRIBE OR UNSUBSCRIBE MESSAGES TO THE ENTIRE LIST. The instructions for unsubscribing are in EVERY SINGLE MESSAGE you'll get from the list (in the headers and in the footer!). If there are other good places to put it, tell me. I'll try it. :-)
  • DON'T POST 'ME TOO' MESSAGES. See the 'apply good sense' rule for the rationale. ;-)
  • DO NOT SEND YOUR PGP PUBLIC KEY TO THE LIST. The other members do not necessarily desire it. Use public keyservers. That is what they are for. It is acceptable to include, in your .sig or in an X-header, the URL to your public key on a public key server. Please note that it is best to use the hex KeyId in such strings to prevent someone from posting a public key with a bogus identification in it and then run a simple "man in the middle" attack to obtain your private/confidential messages.
  • Personal insults and/or attacks on any company or other entity (flaming) will not be tolerated. At the discretion of the list owner, members who violate this rule may be suspended for a finite period of time or removed from the list without further warning (although at least one warning will be given except in the most egregious circumstances.) This list represents an unique opportunity in that employees and other representatives of PGP-related manufacturers are subscribed and thus list members have a chance to influence, albeit indirectly, the development of PGP related products. If you disagree with an entity's method of developing its product, this list is not the place to air that disagreement. Those issues should be directed to the entity in question via the usual channels.
  PLEASE NOTE THAT BY POSTING TO THE LIST YOU INDICATE YOUR AGREEMENT TO ABIDE TO THE GUIDELINES SET FORTH HEREIN. FAILURE TO DO SO MAY RESULT IN LOSS OR SUSPENSION OF POSTING PRIVILEGES.

• How to Subscribe/Unsubscribe and Post:

  • To subscribe to the list: Simply e-mail the '-subscribe" address and you will be automatically sent a confirmation, and when that's returned, be subscribed to the list. Add the word 'digest' after pgp-users, to sub/unsub from the digest list.
  • To unsubscribe to the list: Simply send an e-mail to the '-unsubscribe" address, confirm and --that's it! Also, make sure you correctly spell subscribe and unsubscribe :-) About 80% of the "your list is broken because I can't unsubscribe" messages I get are because people didn't spell it correctly. The other 20% have changed email addresses in their From: lines so make sure you have that correct as well. If you cannot figure it out, then contact look at the FULL HEADERS for the last message you received and you will find it embedded on the first line something like this: [email protected] The 'username=host.domain' is the address you are subbed under with an equal sign ('=') substituted for the at ('@') sign in your address. This is call VERP style headers (for those interested) and are used by the mailing list manager, ezmlm, to help handle bounced mail. You should never need my help to figure this out. Thus, I will almost never unsubscribe someone manually, but I will try to send you instructions about what you are doing wrong if you ask for help. If you change addresses and forgot to unsub first, don't bother me about it. Wasteful as it is, e-mails to that address will bounce and eventually ezmlm will remove the address automatically. No need for anyone to intervene.
  • To Post to the List: To post to the list send your e-mail to: [email protected] NOTE: When you ``reply'' to a message that was sent on the list, it will be sent back to the entire list -- not just to the sender of the message. If you want to make a private reply you will need to be careful that you don't reply to the entire list. Some list software will allow you to reply to just the From: address, which is what you want in this case (if your mail client doesn't, consider switching or getting it added). Please note that only subscribers may post to the list. This helps keep spam off the list. But more importantly, you can only post from the address you subbed from, unless you tell me so I can configure the list to accept posts from you from other 'secondary' addresses. So if you get pgp-users at home, but want to post from the office, e-mail me so I can set it up. To address administrative matters, please e-mail me directly, off list at [email protected]