Gnupg good for big groups?

MFPA expires2010 at
Thu Aug 5 20:00:16 CEST 2010

Hash: SHA512


On Thursday 5 August 2010 at 1:57:08 AM, in
<mid:969383F3-31BE-4ADE-94F3-4163365C1B07 at>, Robert J.
Hansen wrote:

> I strongly suspect that rather than being a minor issue this is in
> fact the largest issue shaping the group's development. It's kind of
> like gravity. You don't notice it very much, but it shapes your
> entire universe.

Interesting. I never considered it like that.

> People drop off the network because it's stopped becoming useful to
> them. The ones who leave tend to be the ones who have derived the
> least benefit from being part of the network -- their tolerance is
> not as much as those who have gained from being part of the network.
> The effect of this is that churn tends to be among new members, not
> among long-standing ones.

This could be describing almost any social or work-related group!

> Once the network shrinks to a state of usability,
> people stop leaving.  More people sign up, and more
> people leave.  Etc., etc.  This is all pretty basic
> networking theory, and it's why completely connected
> networks are rarely used in the real world.  You can
> only build it out so far before hitting a brick wall of
> self-limiting behavior.

Definitely not scaleable. A bit like a sports league where each team
plays against every other twice each season - this reaches a limiting
number of participants much quicker than a knock-out competition where
those who lose play no further matches.

>> It's really no big deal

> It's no big deal *for you*.

Of course; I claim no mandate to speak for anybody else.

> If you want to make a blanket statement of it being no big deal, you
> need to take into account the churn on the periphery: all those
> people who joined and then left because the key management problem
> was nontrivial.

I probably under-estimate the amount of churn - partly because few
people actually leave the group rather than just stop posting and get
culled at the next roll-call. It seems unlikely to me that key
management is the major reason people sign up and don't hang around,
since that also happens a lot in non-encrypted groups.

>> Remember, the communications are neither urgent nor
>> important.

> That's not especially relevant.

If nothing else, I think it is very relevant to where "not encrypted
to my key" appears on the scale from major problem to minor issue.

> Again -- my remarks here are not meant to be critical of the mailing
> list. Nothing of the sort. People who are on the list and like it
> should stay on it and I hope they keep liking it.

> I really don't want to give the impression I'm turning this into a
> referendum on PGPNET's existence.

Yes, you have made this very clear.

> My remarks here are of general applicability to completely-connected
> graphs. The stuff I talk about here is the sort of stuff you can
> expect to occur on any large OpenPGP-encrypted mailing list. I
> really don't want to give the impression I'm turning this into a
> referendum on PGPNET's existence.

I guess there is a more scalable model of openPGP-encrypted mailing
list. Maybe members could encrypt to a group's key and the list-server
decrypt, then re-encrypt for the members?

- --
Best regards

MFPA                    mailto:expires2010 at

Another person's secret is like another person's money:
you are not as careful with it as you are with your own


More information about the Gnupg-users mailing list