GMail PGP verification?

Faramir faramir.cl at gmail.com
Fri Feb 13 21:51:13 CET 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Joseph Oreste Bruni escribió:
> On Friday, February 13, 2009, at 12:44PM, "David Shaw" <dshaw at jabberwocky.com> wrote:
>> Interesting.
>>
>> http://googlesystem.blogspot.com/2009/02/gmail-tests-pgp-signature-verification.html
...

> I like the idea of signature validation, but I'm not so sure I would like the idea of uploading my private key to Google's servers in order to actually sign an email or to perform decryption.

  I think the same, validation would be awesome, and harmless. But if
google "host" the private key of an user, probably there will be ways to
force them to decrypt messages sent by the users... I mean, if I am the
only one with access to my secret key, google can say "sorry, there is
nothing I can do to decrypt that message". And while we all expect
google should try to protect our privacy (which is very different from
trusting they are doing that), nobody can expect them to become a martyr
of customers privacy, by refusing to obey a legal order...

  Best Regards


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJJld1BAAoJEMV4f6PvczxAvd4H/j5ESfO178oW0lDvfZbwguq1
lIYV1EDlgr9vAOakYe0t8ytwE2rlmUq6AY0++uV6x5CqrEuwGYhMC91vZUv/8wLi
4Xa2nosse0rETy8d18uWs0ZsOPTbPt5s07HmbYzfEAvQGnp6V6YaAMjQ4znzoOWz
82AS3Y1F40C1a1mNfSrG9V0wd/LDWrJOBWEojVUQ/r0+PCagU39vVRQfYyRII1xD
MO334Iq6V3i/N6ohfEQqptWUFWjqOOjuT3EOWRBZpPrB9rmQxHwF9joMpQDY05gg
ASK2pZTwoGgenWKs1vMtmfqaca8+QfV1MY0JVs174VRYdsGERXdPzdL9ev86Pxc=
=FKWu
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list