[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cryptography] Avoiding PGP
- From: "Kevin W. Wall" <kevin.w.wall AT gmail.com>
- Subject: Re: [Cryptography] Avoiding PGP
- Date: Thu, 15 Mar 2018 17:22:32 -0400
- Arc-authentication-results: i=1; mx.google.com; dkim=neutral (body hash did not verify) email@example.com header.s=20161025 header.b=feXiBmun; spf=pass (google.com: best guess record for domain of cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com designates 2001:470:30:84:e276:63ff:fe62:3500 as permitted sender) smtp.mailfrom=cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:to:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:delivered-to :arc-authentication-results; bh=QlqVTMb77lE3X/wWWd/wd7XrjNJ3naiqjYTfrlNWC3Y=; b=ga0ZGrCtSFDUuDvdRuMD8olBbR8FsI7cJcWvbsp93NOOQgvRl46trT0bKBEl9qfMiA ZIyMSf67eSyjNt2WwcU9SKAEHkGY0UmIuCcbNY98I+MPw2yFaQUAKwlOa0/UXDV2SNdv de00XurBnZIyVLNhiXAkZtq3i4dYha4KvD+k/oOn3GwUdgpJJMMEL3flM4U0G4BvckUN DZ+U8aGY0N0PAfWfa8HNx/CU5Oh2pJ2hgf+352NDoA5wKsrjOoJoE4dWEm6Y8u8JJAet goBpo7JZh4F7jjLv3zQQ+4nJp5dG3dUZnOx15S9xhhnZai65ri1F/Qmp+SLrIm1Sz9pz dJKw==
- Arc-seal: i=1; a=rsa-sha256; t=1521175316; cv=none; d=google.com; s=arc-20160816; b=qzo2YmPdUL/HiXEvoWbVqC3JSYByrSCDeLfQCBtan2i4YAIJrjwjMTVVFCFkN4yY4Z st2cF4ELvBBzFngutYC7vj97GRc7505Ww+P1MuFZy0fJBA93D+Q+H0W76MYP355Jn+wz goft0zV8zjjkQd3ubPSLeuy8q7VWNCa1mErp74Vfrh0JoSReVTh17v/dNZsFYJNPLfJU eeEF15GojWFuAE++witxbre5Y8RiXbjcIHzXHlIdTvDVNcYBJGHyMHBLGafhUZ4pRYhY 2k0Y9OCbpk8r/p4a3DQ8fwIpnpsi2Ok+suTeaomD5ycQ27fhWRNUTzJGtfLXEyCgzuN7 pyGQ==
- Cc: Cryptography Mailing List <cryptography AT metzdowd.com>
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- To: Alexander Klimov <alserkli AT inbox.ru>
> The problem only starts then none of the users is tech-savvy or only
one is and he cannot support the other. I think this is quite rare
use-case and it is very unlikely that someone without knowledge or
support will be able to use any cryptographic system securely, so we
should not blame GnuPG here.
Seriously? You think that is *rare* when only one user is tech savvy and unable to provide sustained tech support for friends and family? Half of my friends & family belongs to the "blinking twelve" club. Me trying to explain WoT to them would certainly result in a deer-in-the-headlights look. On the other hand, I don't even need to explain Signal to people. For the most part, it's just install it and go, taking care to explain how to note when 1 or more recipients are not using Signal and how that message is not delivered with end-to-end encryption to those people.
So while I am not *blaming* GnuPG, it most definitely is harder for non-technical folks to use. Also it is interesting to note that inside of corporations, PGP and S/MIME email have largely been replaced with Identity Based Encryption such as Voltage Secure Email. No need to explain that to people.
The cryptography mailing list
cryptography AT metzdowd.com