-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 08/29/2012 10:18 AM, Mark H. Wood wrote: > On Wed, Aug 29, 2012 at 12:00:22AM -0400, Landon Hurley wrote: > [snip] >> The barrier is solely cultural, not technical. Enigmail, >> Thunderbird and gpg4win are trivial to set up. The first time I >> did it, it was on the phone, talking someone through it. So we >> either need to invent some sort of massive threat perception to >> unite everyone to adopt PKI, or just continue to push it as a >> grass roots movement. Or if some kind person would like to >> introduce a viable third option, I think a decent portion of >> humanity would owe him/her a debt. On the other hand, I'm >> advocating a rather heavy handed, Platonian, do it for people's >> own good even if they don't like it/decide they need it, so I'm >> sure at least some, or even most, will disagree as well. I will >> add my confession to the pile of selfish reasons to want to have >> PKI become widespread. > > I'm not sure that the average person's current mode of living > really exposes him to a threat big enough to take seriously. > Rather than a threat of actual loss, I feel that we face an > opportunity cost: there are things we could do differently, > arguably better, if we could do them securely via electronic > media. > > We simply wouldn't think of discussing possibly embarassing > personal matters with our doctors by email, even if the doctors > would agree to, so we don't ask. We still carry around > hand-scrawled prescriptions, or cross our fingers and hope that the > doctor's FAX calls to the pharmacy are really secure, when we could > (given the infrastructure) get a (long!) number that can be > verified as coming from the doctor, verified to still say what he > said, and unlocked only with our personal smart card and PIN. > (Also it would have to be typewritten, so it wouldn't be so hard to > interpret. :-) We could do e-commerce without worrying about our > trading partners' losing a truckload of backup tapes or being > massively compromised from afar, because we would never give them > any secrets worth stealing. We could manage a handful of > certificate passwords instead of a thousand website passwords. We > could probably do a lot of other stuff that I haven't thought of > because, in our present nearly-naked condition, it's unthinkable. > > Individuals wouldn't be the only beneficiaries. The first bank in > town to offer free or discounted certificates *and* more-secure > e-banking would have a competitive advantage. The first e-tailer > to offer security the others can't touch should win the business > of consumers who are worried by all the "'hackers' capture 200,000 > passwords" stories in the papers. The doctor or lawyer who adopts > a pervasive records security plan (of which customer > communications would be but a part) should be able to negotiate > lower insurance premiums. It seems to me that people are leaving > money on the table all over. > > > > _______________________________________________ Gnupg-users mailing > list Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > Sorry, I was using the term threat and cost of not utilizing an opportunity interchangeably in my head. I completely agree with you, there are things I also had a thing about businesses originally in there, and dropped it because I didn't want to throw even more text in one email. Again, completely agree.
As for your second paragraph, I don't even trust my pharmacy to actually act upon stuff they receive in some cases. I wish they could actually be secure, but I don't anticipate it. I honestly wish I could change from a mail order company. I do have a question about where you talk about backups though. How does PKI prevent back up loss? Landon - -- Violence is the last refuge of the incompetent. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBCgAGBQJQPmoqAAoJEDeph/0fVJWsAVEP/3TzM+CZtvsBYIFSAohDZTOy vK5K4X4go1ksjmIaD2hvcYMqPYsVCpHjJ9nPNqALyPcKdAkHspownLGdSYZEsfkm +h7Ik17kjHJojtez5h7kLAVNNT+aYBZJB+KbeTtkEMOhNFZQmOc/lt0mMYf9ilvC PowD5XMxeY92IRTqgN3qh0P2wA78+8jM5Mvppri/N77l3TcbTBH1ViB5bTi7hTLm yjvCTjADt5an1DHYO1FG3BH3s3wuYAi+BnOJNOm8cIfqT2P4txWJRvlbDVhpFaBj rmhRp4f0s+JxAWbJeZTW6cEYv5grD4ZnxYj4Dr2padTLconIUCjAe1eXiYldP2Pu 9WmA60iDn1PtfXV4gEXd9JficRWaUMcCBc5pbhtSK2iDrI0zWkuMPSXVYZ9n4Ta/ JlddtMR7NRIrQVhHR2tj57HpzxQykru3j3uea+ZbKCJW0thJMeK2sQ5Fx5A6efGi 4TIIzeXpL0QCCHYdyRe8vTUCetabMFFAm6ouWdU1ne/EJp+QVXhhpksQ5jI9c+9/ 7uCByzRXMdqUsRf5wLqzk5jtpG7qyjTQDVlut7UJNZr8r2seropfiIKwlN1+3FL0 VSRnuGFhAhpIppt36rRhcE8KkgOaKT7hr24+Gu4Xfzk2lE8LYVwrS6xjUffYZOe5 MxTdfg9IyTGF5DgTEAvV =gg2G -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
