On 2015-02-27 13:23, Ralph Seichter wrote: > > Your positions to this ct approach? > > The c't magazine is mostly well respected in Germany and the editors > have some valid points; the latest articles are by no means mindless > rants or PGP-bashing. The thought of letting PGP die as an e-mail > encryption mechanism for the "masses" (the non-tech-savvy average users) > and to have it replaced with something my mother could use is valid. The > c't editorial also clearly states that PGP works perfectly well and is > secure as long as keys are verified, but fake keys and people not > verifying fingerprints are a reality. Alice can't just send an e-mail to > Bob, she needs to acquire and verify Bob's public key first. Compare > this to transparent encryption like Apple's iMessage service uses and it > is not hard to answer which mechanism has better usability. I like and > use PGP like probably every subscriber on this mailing list, but the > number of people I can exchange PGP-encrypted data with is very low when > compared to the total number of my e-mail contacts. > > -Ralph
iMessages model offers way less security than GPG, and a centrail authority that all of humanity needs to trust in charge of everything is incredibly naive. What if I work for Apple's competition and need to send an extremely confidential message to my coworkers? I can't possibly trust Apple with handling my keys transparently for me. Encryption is clumbersome because that's the price of security and privacy. I hate having to put the key on the lock every day to open it, but if I don't, anyone can get in. Sure, I've heard the arguments like: * Let's use a globally trusted authority instead: There's no such thing and never will be. Someone will always have a valid reason to distrust it. * Set up your own keyexchange server: Ok, so we're back to GPG and keyrings where users need to manually retrieve keys from different places and determine if they're the right one or not. Please, stop spreading the iMessage falacy, it's system offers privacy only from *some* parties, but not from everyone. -- Hugo Osvaldo Barrera A: Because we read from top to bottom, left to right. Q: Why should I start my reply below the quoted text?
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
