At 11:14 pm -0400 2000-09-01, Russell Nelson wrote:
>Ed Gerck writes:
>>Even though the web-of-trust seems to be a pretty good part of PGP,
>>IMO it is actually it's Achilles heel.
>
>Nope. Usability is its Achilles heel. PGP needs to be wrapped in
>something, and yet it's not really designed to be wrapped. Even if it
>were, PGP, Inc. changed the interface! Doh! And then there's the
>whole encryption method problem.
>
>No, web-of-trust as a problem is way down there on the list.
Actually, you're both right (or wrong, if you prefer you glass
half-empty ;) it's the poor tools for key management of other
people's public keys that is the Achillies heel, especially since the
integration with seriously kick-ass keyservers is still not there. Of
course, that's also a UI problem, but if you solve it, the
ciphersuites (key types) "encryption method" problem lbasically goes
away. Transparent key management, guys. Everything is a key
management problem from now on.
dave
