learning curve like Monte Cervino

Robert J. Hansen rjh at sixdemonbag.org
Thu Aug 2 15:49:23 CEST 2012


On 8/2/2012 3:49 AM, peter.segment at wronghead.com wrote:
> I happen to agree with most of what was written in your lengthy
> expose. But you omit one important problem: the program like gpg is
> deployed, 99% of the time, with no user specific threat analysis.

GnuPG is not required to be all things to all people.  GnuPG is just
required to be an RFC4880-conformant encryption and signing application.
It's a tool in the toolbox, nothing more.  It can be used in a broad
variety of ways.  As I pointed out a couple of emails back, it can even
be set up in ways that end-users need to know nothing about the Web of
Trust.

> This means that it must answer all conceivable threats, which in turn
> makes it so hard to use that its adoption rate is, well, what it
> is.

No.  Read:

	Shirley Gaw, Edward W. Felten and Patricia Fernandez-Kelly.
	"Secrecy, Flagging and Paranoia: Adoption Criteria in
	Encrypted Email."  _Proceedings of CHI 2006_.

That remains the best serious analysis of why encrypted email rates are
so low.

> Consequently (at least as I read your text) you reject the most
> damaging canon of the contemporary "computer security industry", the
> one that demands no knowledge, no conceptual understanding and no
> discipline on the part of the end user - it all has to be solved for
> him by the software. For this I applaud you.

Which confuses me, given that you seem to be saying you want users to
not need to know anything about the underlying crypto, or how it ought
to be used for maximum effect.

> However, I would add one more thing as necessary for successful use
> of any security software: *user-specific threat analysis*.

Google the list archives again for the phrase "threat model."  We tend
to talk about that a lot here.
