📅 Original date posted:2014-09-15
📝 Original message:On Monday, 15 September 2014, at 5:10 pm, Thomas Zander wrote:
> So for instance I start including a bitcoin public key in my email signature.
> I don't sign the emails or anything like that, just to establish that everyone
> has my public key many times in their email archives.
> Then when I need to proof its me, I can provide a signature on the content
> that the requester wants me to sign.
That would not work. You would need to sign your messages. If you were merely attaching your public key to them, then the email server could have been systematically replacing your public key with some other public key, and then, when you would later try to provide a signature, your signature would not verify under the public key that everyone else had been seeing attached to your messages.
Matt Whitlock [ARCHIVE] /
npub17q…upwet
2023-06-07 15:25:48
in reply to nevent1q…ax8s
Author Public Key
npub17qxssk9sj2r7jswvh3y32e7vwz7mcckhz33gk9nurdmw0lhsfkgswupwetPublished at
2023-06-07 15:25:48Event JSON
{
"id": "5b71b7506b9c9914c9dcfe42ea9e14307da989492a887aefdb7ad70487f57bed",
"pubkey": "f00d0858b09287e941ccbc491567cc70bdbc62d714628b167c1b76e7fef04d91",
"created_at": 1686151548,
"kind": 1,
"tags": [
[
"e",
"eaac3fd254257c5f067156e98a14f377d806c5143b78136b7c018a295cb8236e",
"",
"root"
],
[
"e",
"8ebd2ed3db12440ca85ccd54729b8b06eba08079c3185d025860296694328846",
"",
"reply"
],
[
"p",
"6f226bd1c86c22aed12ec82cd2dab4b5e2f77fd662ac4e1f881170a12da87bd6"
]
],
"content": "📅 Original date posted:2014-09-15\n📝 Original message:On Monday, 15 September 2014, at 5:10 pm, Thomas Zander wrote:\n\u003e So for instance I start including a bitcoin public key in my email signature. \n\u003e I don't sign the emails or anything like that, just to establish that everyone \n\u003e has my public key many times in their email archives.\n\u003e Then when I need to proof its me, I can provide a signature on the content \n\u003e that the requester wants me to sign.\n\nThat would not work. You would need to sign your messages. If you were merely attaching your public key to them, then the email server could have been systematically replacing your public key with some other public key, and then, when you would later try to provide a signature, your signature would not verify under the public key that everyone else had been seeing attached to your messages.",
"sig": "d0d74c435cf8b5a2475f4f8a4a1b779f10772e5f6959104d2780b0463c6e970987f3281634e53e72eec3e9c7426d7a0d1fde15cf38ae3e1bc2eec738ed5320e3"
}