Encouraging email security.
Wed May 21 14:13:43 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Sun, May 18, 2003 at 02:19:21AM +0000, tk wrote:
> Large proportion of e-mail users communicate mostly in their own
> "small-world" communities and they have absolutely no problem
> whatsoever exchanging, authenticating, revoking, etc. their public
> keys. It is also most likely that communication with fellow members
> of such communities will need to be protected (as opposed to the
> communication with strangers). I would thus suggest that a
> simplified GPG version (GPG-lite?) should be constructed and
> deployed, where the system does not even attempt to assist (let
> alone control) the dissemanation, authentication and revocation of
> public keys. The security of such system would remain as strong as
> the "real thing", provided that the key is exchanged in person (its
> finger verified over phone, printed on a business card etc. etc.).
This is a fairly frequent request, but the functionality you desire is
built into every copy of GnuPG. GnuPG is extremely configurable.
For example, to completely disable the web of trust, put:
in your gpg.conf file. That makes all keys fully valid and ignores
all signatures on them. A slightly less drastic way to disable the
web of trust is:
That makes GnuPG trust any key you have signed yourself, but no
If you want certain ciphers to be used, try:
That makes the key use only 3DES, SHA1, and ZIP (or none) compression.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
-----END PGP SIGNATURE-----