Why you should not use PGP

Ryan Malayter rmalayter@bai.org
Thu Dec 5 00:38:02 2002


From: Jagadeesh Venugopal [mailto:jagadeesh@jagadeesh.com]=20
>Given the tumultuous past of PGP, it is doubtful whether=20
>PGP will exist by the time you want to decrypt your documents.

I think you're missing something big. Doesn't PGP 8 output
OpenPGP-compatible files and key material? Which will, presumably,
always be readable by GnuPG, right? This the whole point of open
standards and RFC documents: compatibility.

I use GnuPG and open source shells, but I'm an engineer. I didn't choose
GnuPG because I think it's a better program than PGP 8. I chose it
because it's open-source, and I understand why that's important for
security.=20

Windows users, on the other hand, obviously trust at least one
commercial software developer, so why shouldn't we encourage PGP 8.0's
use by the Windows masses?  Presuming they like it's simpler interface,
trust the software developers, and are willing to pay for it? By and
large, the windows masses will never use GnuPG - so what's the harm in
promoting PGP 8?

The only way to get widespread use by non-technical types of GnuPG is to
have a really slick GUI design with nice a nice installer, great
documentation, and good technical support. These are the sort of
"non-programming" tasks that commercial software developers do ten times
better than free software projects. (Notice: I did not state that either
group performs any of said non-programming tasks "well" or even
"adequately").

Ryan Malayter
Sr. Network & Database Administrator
Bank Administration Institute
Chicago, Illinois, USA
PGP Key: http://www.malayter.com/pgp-public.txt
:::::::::::::::::::::::::::::::
Only two things are infinite, the universe and human stupidity, and I'm
not sure about the former.=20
     -Albert Einstein=20