E-Mail Encryption: Why Isn't Everyone Doing It?

Anthony E. Greene agreene@pobox.com
Fri Oct 25 18:29:01 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 25-Oct-2002/11:49 +0200, Adrian von Bidder <avbidder@fortytwo.ch> wrote:
>
>Perhaps a good way to improve userfriendliness of pgp frontends would be
>to include and trust the keys of a few pgpcas by default.

Good idea. I think it might be better to offer the user an opportunity to
choose keys to trust. There might be ethnic, religious, nationalistic,
and/or other concerns about trusting certain CAs.

>The installer should
> - force/encourage people to generate or import a key for them
> - add a few trusted pgpcas (and offer to sign their keys, so
>explicitely marking them as trusted would not be necessary
> - chose a good keyserver
> - offer links to pgpcas' instructions on how to get certified.

It should also make a revocation cert and backup copies of the keyrings
and offer to put those on separate media.

It seems to me that a shell script using "dialog" or a Tcl/Tk script may
be able to do most or all of this.

Tony
- -- 
Anthony E. Greene <mailto:agreene@pobox.com>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26  C484 A42A 60DD 6C94 239D
AOL/Yahoo Chat: TonyG05      HomePage: <http://www.pobox.com/~agreene/>
Linux: the choice of a GNU Generation. <http://www.linux.org/>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene 0x6C94239D <agreene@pobox.com>

iD8DBQE9uXFWpCpg3WyUI50RAm16AJ47l3TV5WlcuA8iKq1MOL3pqga2nwCfZCkV
kBmnqatZ2NinrNGMAOp9MeE=
=3aCm
-----END PGP SIGNATURE-----