Encouraging email security.
Wed May 21 14:19:34 2003
-----BEGIN PGP SIGNED MESSAGE-----
On Sunday 18 May 2003 08:06 am, David Picon Alvarez wrote:
> I don't think it's a question of UI any more, I
> think it's a question of needs and threat models. If you don't need
> something and it carries a cost you're not likely to use it.
> Perhaps the only way to get people to use encryption is to have a
> so-called "zero-UI solution" but even so, unless it would come
> incorporated in the MUA, I don't see people bothering to install
That's the wrong attitude. Cost is the problem -- clever UI is the
solution! The lower the cost of encryption (workload and monetary
costs), the more people will use it. I've followed PGP for many
years, and I'm more optimistic about it now than ever before. Secure
e-mail *can* be reborn.
The reason: A new class of *free*, full featured, e-mail clients with
fully integrated OpenPGP support *has* appeared. These OpenPGP
enabled clients do not require expensive S/MIME certificates and
their implementations are interoperable. (Certificate cost being the
dead-birth of S/MIME and interoperability being a major holdback for
both S/MIME and OpenPGP in the past.)
If we can lower the cost of key distribution and authentication via
innovative software design, rebirth of OpenPGP *can* happen. Thanks
to KMail and the latest commercial PGP, I am sending more encrypted
e-mail than ever before!
I'm borderline paranoid. I've had my e-mail read numerous times and
I've read others mail (by orders from superiors no less). Even for a
user like myself, OpenPGP was nothing but a toy until KMail came to
my rescue. For me, KMail removed the pain of encrypted e-mail. But
even now the cost is too high, we need to lower it further.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----