> . . .
>> Mozilla is founded ["funded" probably] by Google. Without Google
>> they would be gone.
>> Googles business model is not to protect the user but to analyze him.
>> That is not possible when you use mail encryption.
>> 
>> The question is still valid and imo, some pressure from the user
>> community might help to bring Thunderbird to the point where it can
>> be downloaded containing enigmail.
> . . .
> 
> Just considering your own points, would you trust an encryption
> functionality you thought was written in a way satisfying Google?


Sorry. Funded of course. And to answer your question. No I wouldn't. But would 
you still trust OpenPGP if it was delivered with every chromebook? Maybe that 
wouldn't satisfy Google, but I never asked for encryption technology that 
satisfied Google.

Robert wrote:
> I'm not a particular fan of Google (or Facebook or what-have-you), but
> let's make sure our criticisms of them match up to reality.

You might be correct. But also we all know that if Google has access the US gov 
does have access as well (other expamples would be dropbox, twitter, …). And 
although I might only tell my mom to buy 6 egg for a cake I'm going to make, I 
still don't want them to read that. Neither Google (which you say they don't  - 
but since we can't look into their internal mechanisms we'd have to trust them 
and if you ask me "do you trust google" I'd rather not) nor the US gov (which 
we know they do). Why again was it, that europe needed to sign swift-treaty?

> 
>> The question is still valid and imo, some pressure from the user 
>> community might help to bring Thunderbird to the point where it can
>> be downloaded containing enigmail.
> 
> You're certainly welcome to.  If you'd like to see Enigmail bundled with
> Thunderbird, then please write the Thunderbird developers a
> politely-worded email asking them to look into it.  

Will do.

>> The arguments by Robert seem to be rather minor compared to the huge
>> benefit delivery of save communication would bring.
> 
> There is virtually nothing OpenPGP can do that S/MIME cannot do.

Hm, that was also bothering me with the other mails you wrote on this topic 
earlier. It's already very late here, so bare with me I'm taking this from 
remembrance. You said due to the fact that the world is very big and web of 
trust not used much, it can't serve as a good information tool since most 
likely the signatures will be from people I don't know. 

I'm not so sure about that.  Wonder why google called the grouping feature in 
G+ "circle"? We communicate and behave and live in circles. This list is just 
another circle. And I might know e.g. our beloved Werner Koch from another 
project than this list. Or I might know Robert from another context than this 
list. The context might be the same (e.g. computersecurity) but it will still 
be the same people because at any time only so and so much people are currently 
dealing with a certain topic with a certain level of expertise. Wouldn't that 
mean that actually the web of trust should work well?

I think the web of trust is an awesome idea and again (as with encryption in 
general) it's up to each and every human to make use of those tools. Eventually 
the web of trust might become very informative indeed.

Isn't the big difference that OpenPGP is a decentralized concept while S/MIME 
requires centralized infrastructure?  And I have to say, currently I'd rather 
go with decentralized. Again, it boils down to the question of trust. I'd 
rather trust the web of trust than an anonymous centralized entity for which I 
don't know why they are in this business and who exactly is behind  the curtain 
of a company name (there is no business with a decentralized web of trust and 
imo it's much harder to corrupt it).


> There are certainly some implementation differences between the two, but in
> terms of broad capabilities they're almost identical.  If you want email
> encryption capabilities, they're already there.  If you want OpenPGP
> specifically, you'll need to find things OpenPGP can do that S/MIME
> can't do, and pitch it to the Thunderbird developers on that score.

See above.

>> Imagine a world in which Windows and OS X are delivered with
>> OpenPGP.
> 
> Windows and OS X are delivered with S/MIME already.  If people aren't
> using S/MIME (and they overwhelmingly are not!), why should we believe
> the presence of an OpenPGP suite would change their behavior?

Again, see above

>> Call me idealistic, but I think it's up to the community to make that
>> happen.
> 
> I'm not trying to dissuade you, but the people you need to convince are
> not on this mailing list.  :)

I am well aware of that fact. I just wanted to add my thought to this very 
interesting discussion. And maybe it's us (the people on this list) that can 
make a change. It has to start somewhere…

All the best, steve

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to