PGP/MIME considered harmful for mobile
ben at adversary.org
Mon Feb 28 04:19:49 CET 2011
On 28/02/11 12:35 PM, Robert J. Hansen wrote:
> On Feb 27, 2011, at 5:17 PM, David Shaw wrote:
>> Can I see the HCI study that MIME attachments confuse people? ;)
> I would love to see such a study. However, I never made that claim. :)
> Someone else made the claim PGP/MIME is superior because inline
> OpenPGP signatures confuse people. Okay, I'll stipulate the latter:
> but to argue that inline OpenPGP signatures confuse people but
> PGP/MIME signatures don't (or that they confuse people much less)
> seems to me to be kind of a stretch.
I've seen both confuse people. In-line generally produced general
confusion about what it was, PGP/MIME produced either "I couldn't open
that attachment" or "careful, you might have a virus." At which point
I usually responded with a pre-written explanation of what it was, why
I used it and why their (usually Microsoft) MUA couldn't handle it.
I haven't received a panicked or confused response like that in a few
years, but I do occasionally get questions as to what it is that are
more just people being curious. I see this gradual shift in reactions
as a good thing.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 227 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-users