On 23/08/12 17:07, Robert J. Hansen - r...@sixdemonbag.org wrote:
Deploying PKI is nowhere near as big of a problem as convincing people that PKI adds benefit to their lives.
and
Right now the number one thing killing PKI is the fact nobody wants to adopt it. If you state, "well, before someone can use PKI they must understand the underlying concepts," you're automatically selecting for the upper 1% of computer users.
I propose to you (and to the people who are putting all that hard work into gpg) that there are actually two "things killing PKI": 1) Very, very few people are motivated to protect their communication by encrypting it, and at the same time advertise that motivation urbi et orbi by participating in the PKI/WOT. 2) Very, very few people have a need to encrypt the communication to someone they have not been in contact with in "real life" (where the public key fingerprint can be verified in person. Remember how Phil Zimmermann suggested printing the public key fingerprint on your business card? I used to do just that. For my public key, available on my personal, controlled-access web-page. Long time ago. Before the Good Lord invented key-servers, serving my email address and my identity to whoever happens to trot by :) PKI/WOT solves a minuscule problem (verifyng the key of someone you have not met before but have a need to communicate with in secret) at a humongous cost of software complexity and need for user comprehension completely beyond the motivation and the ability of "the other 99%" you mention. Peter M. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
