E-Mail Encryption: Why Isn't Everyone Doing It?

Anthony E. Greene agreene@pobox.com
Thu Oct 24 08:24:01 2002

Hash: SHA1

On 23-Oct-2002/17:48 +0100, Graham <graham.todd@ntlworld.com> wrote:
>Surely its not beyond the expertise of those who produce such a 
>brilliant program an GnuPG to provide a GUI interface through which ALL 
>commands can be given and which (in Linux anyway) can be used as a 
>stand alone program to encrypt or sign emails even in MUAs without GPG 

Have you taken a look at the GnuPG manual lately? GnuPG can do lots of
things that PGP cannot do. There is no way to reproduce all those options
in a GUI and still have an easy to use interface. In the last 24 hours two
options were added in reponse to a user with a lost public key. If that
kind of responsiveness had to be put on hold because it would take too
long to put it into an GUI, then GnuPG would not be as good as it is.

In any case, the features you are referring to will not be used by 90%+ of
users. They will not care about trust values or key management. They won't
know anything about their keyrings and won't care. Nor should they. This
stuff does not need a good interface. It needs to drop out of sight. It
needs to become as transparent and automatic as SSL.

People don't care about the interface for managing SSL keys and certs and
they shouldn't have to care about the interface for managing OpenPGP keys
and certs. This stuff should be built into mail software the same way SSL
is built into browsers. Until it is, it just won't be widely used.

- -- 
Anthony E. Greene <mailto:Anthony%20E.%20Greene%20%3Cagreene@pobox.com%3E>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Messenger: TonyG05    HomePage: <http://www.pobox.com/~agreene/>
Linux. The choice of a GNU generation <http://www.linux.org/>

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <mailto:agreene@pobox.com> 0x6C94239D