Dave Del Torto wrote:
>
> At 11:14 pm -0400 2000-09-01, Russell Nelson wrote:
> >Ed Gerck writes:
> >>Even though the web-of-trust seems to be a pretty good part of PGP,
> >>IMO it is actually it's Achilles heel.
> >
> >Nope. Usability is its Achilles heel. PGP needs to be wrapped in
> >something, and yet it's not really designed to be wrapped. Even if it
> >were, PGP, Inc. changed the interface! Doh! And then there's the
> >whole encryption method problem.
> >
> >No, web-of-trust as a problem is way down there on the list.
>
> Actually, you're both right (or wrong, if you prefer you glass
> half-empty ;) it's the poor tools for key management of other
> people's public keys that is the Achillies heel, especially since the
> integration with seriously kick-ass keyservers is still not there. Of
> course, that's also a UI problem, but if you solve it, the
> ciphersuites (key types) "encryption method" problem lbasically goes
> away. Transparent key management, guys. Everything is a key
> management problem from now on.
I'd be amazed if this is true - I manage vast numbers of files with
seriously crap tools - I can't believe I need hugely better tools to
manage the relatively small number of public keys I have to deal with.
I suspect you only think this because you have to deal with the
keyservers more intimately than most of us do.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe 2000? http://apachecon.com/
