On 10/24/2015 08:52 AM, Robert J. Hansen wrote:
I know it's popular to say the sky is falling, but it isn't, and this kind of scaremongering doesn't help anyone.
I agree that the sky is not falling, at least not for everybody. I do however believe that we must face the future without the hocus-pocus of "public key cryptography". *There is no secure communication over an insecure channel without out-of-channel bootstrap*. For a while, we thought that we can cheat the laws of nature with smoke and mirrors: either "trusted third parties" (a contradiction in term), or public key verification using devices such as "web of trust" (a Rube Goldberg-esque contraption if there ever was one in widespread use) or party-to-party key verification that depended on authentication and information exchange integrity over an insecure channel. As if that was not enough, we now see the cracks in the basement: advances in computing technology are corroding the fundamental algorithms, one by one... Fortunately, this process is slow, and there is ample time to transit. If the sky is falling, it is falling only for those that deal with the reality by burying their heads in the sand. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
