So while at InteropITX, the use case was given that your employees should expect a consistent signature from co-workers to ensure phishing hasn’t been used to gather information from internal staff to coordinate an attack.
HOWEVER, “Thanks, -Jake” is no cryptographically sane signature, and it’s not HARD to sign emails with your private key,
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 From: "Jacob Evans" <[email protected]> To: "Bob Smith" <[email protected]> Subject: Sales Opportunity I have a sales opportunity, but I need you to send bitcoin to my btc address, you know this is from me because I signed this message. Thanks, Jake -----BEGIN PGP SIGNATURE----- Version: Keybase OpenPGP v2.0.70 Comment: https://keybase.io/crypto wsBcBAABCgAGBQJZHUGmAAoJENfrgQMM+M86uhsH/AookwpXMfKd0jYn9iBy9LcE Ioh918btNMg8vmElPrIqLsul8Yy4Rb4YhODkd0WQ1PZeV8wZbfFXsmt1NC+dAZvW ES/xFH0oKLEGOwx1qmUc0UZ9lT1vqdy/Hj6C0A4XONZhrCtYHByMpSXY6HPNiheu W+ai5TXMa/5uEfyqNaDCU8xitQRhDdUp6cg3jD2kaAQgCQ/pKNVinCH7oqIMASkQ W5nmKLvGAsv0ONTMapiypPvdQPqmxAgnA11VFMhJW/SNe+1s8xaMsNO4d23Ew1mV 4K6TeLitA8Odm/tZQDIQFIcSGjRuMPLzkijKTxKF8I/GINlb11W4qlRn5aCf1rU= =VjCx -----END PGP SIGNATURE-----
I used keybase.io as an example, but you can use ANY implementation of OpenPGP for this and if you follow the link you see something like this:
If you are going to talk security, PLEASE actually use secure examples.
Thanks,
Jake