On Monday 23 of January 2012 16:35:45 Holger wrote: > 2012-01-23T03:09:55-05:00, Robert J. Hansen: > > > Keyserver SPAM is a straw-man argument. Yes, it's possible for an > > > address to be pulled from the key on a keyserver, in fact, I'm > > > convinced harvesting probably takes place. > > > > As am I. However, it should be pointed out that this is no reason to > > avoid using the keyservers. > > > > One of the best ways to evaluate a defensive mechanism is whether it can > > recover from a failure. Consider securing your home. A lock on the > > front door is good, but once the thief is in past your front door the > > lock is pointless. It can't recover from a failure. > > I'm not a fan of comparisons at all, but I'd say my e-mail address feels > more like my postal address, thus I tend to handle them similarly. > But wouldn't you replace or enforce the lock on your front door once s.o. > made it in? At least you would still keep locking it, wouldn't you? ; )
And there's a very good reson why you shouldn't be a fan of such comparisions: Unlike physical security, properly implemented cryptography is unbreakable at this time. All key types in wide use are completely broken: tumbler locks, Gerdas, etc. they can be made useless with only a little bit of know-how and few simple tools. The only known working attacks on cryptography use brute force: similar to going through the wall, when the doors with a lock are too big of an obstacle. Regards, -- Hubert Kario QBS - Quality Business Software 02-656 Warszawa, ul. Ksawerów 30/85 tel. +48 (22) 646-61-51, 646-74-24 www.qbs.com.pl
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
