Web of Trust itself is the problem

makrober makrober at gmail.com
Thu Jan 7 13:35:47 CET 2010


Thanks for your comments Werner;

Werner Koch wrote:
> On Thu, 07 Jan 2010 09:36:26 +0000, makrober wrote:
> 
>> G/PGP isn't widely used because it does not address adequately the
>> real-life operational circumstances of the potential user, and
> 
> I still believe that OpenPGP along with PGP 2.1 is the most used data
> protection scheme for plain data and email. 

Correct, but still there is no doubt that only a very small fraction
of what I would call "qualified e-mail" is encrypted. (In this context,
let's agree that "qualified" is mail between two parties that have
a trust relationship and a real need for secrecy (from whatever
adversary!) as opposed to those that would just encrypt the mail out
of style or principle.) We probably agree at least that the adoption
of encryption in computer communication, both "general" and "qualified"
communication, is surprisingly low, and that it is worth examining why
this is the case and what should or could be done to change that.

I offered one view of the reasons, but in the following I would also
suggest what would be worth undertaking:

Using the excellent crypto-code base of GnuPG, a derivative public
key encryption/decryption product with the following characteristics
should be created:

1) it should be communication channel and protocol agnostic.

2) its operational components should be self-contained; i.e., it should
assume it is running on a stand-alone computer. It should require no
tight integration with the operating system of the computer it is
running on.

4) until successfully decrypted, none of the data it operates on should
be distinguishable from a random stream.

5) it assumes that someone or something outside of the system guarantees
the authenticity of the fingerprint of the public key of the corresponding
party.

6) it can be both shell-driven and provide an API for the inclusion
into a variety of software products that manage the variety of
constantly evolving communication channels and protocols.

MacRober
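
Requirement 4 above asks for output with no recognisable structure. As an added illustration (not part of the original message, and not GnuPG code), this parser reads the cleartext packet framing that RFC 4880 defines for a standard binary OpenPGP message and reports what an observer can see before any decryption. The sample bytes and the key ID in them are constructed.

```python
# Packet tags from RFC 4880, section 4.3 (subset relevant to encrypted messages).
TAGS = {1: "public-key encrypted session key",
        3: "symmetric-key encrypted session key",
        9: "symmetrically encrypted data",
        18: "symmetrically encrypted, integrity-protected data"}

# Constructed sample: old-format PKESK header (0x85, 2-byte length 268), version 3,
# made-up key ID 0123456789ABCDEF, algorithm 1 (RSA), zero bytes in place of the MPI.
SAMPLE = (bytes([0x85, 0x01, 0x0C, 0x03]) + bytes.fromhex("0123456789ABCDEF")
          + bytes([1]) + bytes(258))


def parse_header(data):
    """Return (tag, body_offset, body_length) of the first packet, or None."""
    if len(data) < 2 or not data[0] & 0x80:      # bit 7 is set in every header
        return None
    first, o = data[0], data[1]
    if first & 0x40:                             # new-format header
        tag = first & 0x3F
        if o < 192:                              # one-octet length
            return tag, 2, o
        if o < 224:                              # two-octet length
            return (tag, 3, ((o - 192) << 8) + data[2] + 192) if len(data) > 2 else None
        if o == 255:                             # five-octet length
            return (tag, 6, int.from_bytes(data[2:6], "big")) if len(data) > 5 else None
        return tag, 2, None                      # partial body length
    tag, ltype = (first >> 2) & 0x0F, first & 0x03   # old-format header
    if ltype == 3:
        return tag, 1, None                      # indeterminate length
    n = 1 << ltype                               # 1, 2 or 4 length octets
    if len(data) < 1 + n:
        return None
    return tag, 1 + n, int.from_bytes(data[1:1 + n], "big")


def clear_metadata(data):
    """Return what the unencrypted framing reveals, or None if it does not parse."""
    hdr = parse_header(data)
    if hdr is None or hdr[0] not in TAGS:
        return None
    tag, off, length = hdr
    info = {"packet": TAGS[tag], "length": length}
    # Version 3 PKESK body: version (1) | key ID (8) | public-key algorithm (1) | ...
    if tag == 1 and len(data) >= off + 10 and data[off] == 3:
        info["recipient_key_id"] = data[off + 1:off + 9].hex().upper()
        info["pubkey_algo"] = data[off + 9]
    return info
```

A single header octet can also match random bytes by chance; it is the consistent length field and the version and key ID layout behind it that mark the data as OpenPGP.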


