STEED - Usable end-to-end encryption
Robert J. Hansen
rjh at sixdemonbag.org
Tue Oct 18 02:27:06 CEST 2011
On 10/17/2011 6:07 PM, Jerome Baum wrote:
>>> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?
> The emphasis was clearly on "Enigmail", not on whether it's difficult or
And the answer to your question is obviously, "Yes."
> If you hadn't misquoted me you might have included the bit where I
> said this should be default-on (obviously so the user doesn't have to
> configure it).
As soon as you can figure out a way to do this, I'll take it seriously.
Until then, this is magic pixie dust.
Everyone has an idea for how to do this: I've yet to see a single one
that actually stands any chance at success. The more you make the
process automated the more fragile and exploitable it becomes. The more
you shift the burden to people, the better your chances of resistance to
attack but the worse the learning curve and adoption rates become.
More information about the Gnupg-users