-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 6/24/2014 10:57 AM, Hauke Laging wrote: > Am Di 24.06.2014, 09:50:04 schrieb Nex6|Bill: > >> anykind of "best practice", should be simple, so that it >> encourages a sane baseline for people. > > That depends on it whether you need security or the illusion of > security is enough for you. > > IMHO it is one of the main problems that hardly anyone cares about > telling protection levels apart. "Security" is a really wide > spectrum, for some beginning at "random six letter passwords". You > cannot say in a useful sense what is a good recommendation without > looking at what is needed in the respective situation. > > > Thus I advocate a standardized set of security levels for data, > keys and systems. And authentication on the other hand: > > http://www.crypto-fuer-alle.de/wishlist/securitylevel/ (German > only) > > > Hauke > how did you get, security vs illusionary security from that? and while I agree that "security" is not well defined, in a way that a user or admin can tell what level of security an object or configuration will give him. that does not mean we should get all hyper paranoid on all of our best practices and guidelines to a point where only advanced geeks can understand it. for things, like encryption we, should make an effort for the baselines to be sane, and simple. leave the more advanced stuff to the advanced users. I have found that, when something is complex and or hard to use users will not use it, or will find ways around it. > > > _______________________________________________ Gnupg-users mailing > list Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTqcTsAAoJEBr/3kncCBhnOJoQAI48wKO5tJOfkvcQ0FNeVoy8 STr4QtRSl9wk7xV0d/xXHcJ8qJcv3PfxrgVHFawca3V6hoPflUJBH2iVV2IxAXB/ x2+3AL3yerEQIt/H24dz94MMqwp9MxWGDdZmruaWB7zyrNQLmxicOLecRtSZ8e5d WdxpnpwQipZQun+7NljzVLD3tkHksEvwSnpXMa8A1qFVTlJEjhB8tspOGE/JU7I3 Mqp8vSwpDK9dRjVcLNpMZPRLt1q/KCBNoxfpWzqEFNOgYKMBQSqcYjsgipxQrNT0 xk9gnBv9cMLO+X/fXUxoEFreoEKGEXxxF08N+vX7Sptii6clBSux2g5uX1e9MqqG vX4bROQZN6H6vPXnofHsC8jzS+Fh51YE5E5Xn2vali8IUcVjL6Rsh3pVJl4/Z4+T dNCXydFU4DaDl4vFMGTsOeavZ3yO5N6lFjCveKBMBe8BwwbUj3LIaZJW9XfqeBab jyaCWyz02NfpfasqCpyAHzNubD2/rIktCesetPtDquLDviZyM3mVvs8PoyhsINIA D+jDd6Y5UJ5sq0Hfd92s8CgP7suKfh0lyr7xmKrMY5hblugdveF6teNsr0IcDPPv I//WpIj69CBFzCrUi0JZBEiNOx9ksJNIyMGs/qurSxV/7ChYll6mV1NUx0Ph9geC lgwmmBPdDA1hibFCd7Kk =JUaP -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
