On Wednesday 19 October 2011, Harakiri wrote: > --- On Mon, 10/17/11, Werner Koch <w...@gnupg.org> wrote: > > From: Werner Koch <w...@gnupg.org> > > Subject: STEED - Usable end-to-end encryption > > To: gnupg-de...@gnupg.org > > Cc: "Marcus Brinkmann" <mar...@gnu.org>, gnupg-users@gnupg.org > > Date: Monday, October 17, 2011, 2:11 PM > > Hi! > > > > > > http://g10code.com/docs/steed-usable-e2ee.pdf > > > > There is also a brief (for now) web page dedicated to this > > project: > > > > http://g10code.com/steed.html > > Here is some input, you might not like it - but still: > > I dont see any ground breaking new approaches to the topic - key > search via DNS has been in commercial products for over 10 years > already - nothing new - heck isnt there even an RFC that describes > this? > > Letting the keys automatically be generated by the client is not a > new approach either commercial solutions do this too - however - did > you think of the keys the user already has? His ID for example - you > are sponsored by the german government - the first thing which > should have come into your mind is that everybody can use his > "Personalausweis" as a Smartcard because it already has a > private/public keypair.
No, it does not. At least, not by default. If you buy a qualified certificate then you can put this certificate on your "Personalausweis", but, given how expensive such a certificate is, I doubt that a lot of people will use this feature of the Personalausweis. There are probably more people with an OpenPGP-capable smartcard than there are people with a German Personalausweis with an expensive certificate. > Other european countries could follow... > > Also - inventing just ANOTHER protocol for email encryption that mail > clients should implement? Heck, the only protocol available in all > major mail clients right now for out of the box encryption is only > smime - for PGP you need plugins - even after so many years there is > no out of the box solution for the other major standard - lets not > talk about all the compatibility issues with smime in all existing > clients. And you just want add another NEW standard which will solve > issues? I dont think so. What NEW standard are you talking about? Werner wants to use OpenPGP. The only thing he wants to simplify is key exchange. > Use existing tools most user have installed on his machine by default > - work with these and get a suiteable end-to-end encryption going! I'm not sure what existing tools you mean. Are you talking about S/MIME? You said yourself that S/MIME is no viable solution because of compatibility issues. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
