OpenPGP vs inline PGP

Ben Finney
Fri Jul 11 01:29:01 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 10-Jul-2003, Robin Lynn Frank wrote:
> We don't share the same view.  To me, it works or it doesn't.  Its
> secure or it isn't, etc.

Your view is a poor model for reality.

"Working" is never an absolute.  It is far more accurately modelled as a
continuum of "how close does this come to meeting my requirements".

"Secure" is even less amenable to absolutes.  Security of a system can
only be meaningful when quantified in terms of risk -- "what is the
likelihood of attack model X succeeding, and how much damage is done if
it succeeds?"

If you think of either "working" or "secure" as absolute properties, you
will always be disappointed.

 \       "I spilled spot remover on my dog. Now he's gone."  -- Steven |
  `\                                                            Wright |
_o__)                                                                  |  F'print 9CFE12B0 791A4267 887F520C B7AC2E51 BD41714B

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.1 (GNU/Linux)