what is killing PKI?

MFPA expires2012 at rocketmail.com
Fri Oct 5 03:00:36 CEST 2012

Hash: SHA512


On Friday 5 October 2012 at 12:22:07 AM, in
<mid:506E1A1F.9000903 at sixdemonbag.org>, Robert J. Hansen wrote:

> Problems do not have to be insurmountable to have
> serious effects on regular users.

Fair enough. To me, a problem that is "surmounted" by an effective
solution or work-around ceases to be a problem.

> John Clizbe maintains a 10Mb archive of every message
> that's ever been posted to the Enigmail mailing list.
> This comprises tens of thousands of messages.  If each
> message is encrypted individually, then searching
> through that archive could easily take on the order of
> a minute or more.  That's simply unacceptable.

I guess it depends what speeds you are used to. I expect about three
minutes to search around 65,000 messages (including around 3000
encrypted) at home using The Bat!, and a little longer at work to
search through 2000-3000 unencrypted messages using Outlook.

> It becomes completely impossible to do enterprise-level
> spam filtering.  If I send you email in plaintext, your
> ISP can check that email against its spam detection
> engine and, if my message gets flagged as spam, it can
> be automatically redirected to a spam folder.  If I
> send you email in ciphertext, your ISP can't do that.

Brilliant! Makes it harder for the service provider who is trying to
censor your mail. Although, the headers are still plaintext...

> Now, you might say that this is exactly the behavior
> you want.  If so, great.


>  But it's not the behavior
> that the overwhelming majority of users want -- I can't
> count the number of people I know who have completely
> switched to Gmail for their email provider just because
> of their superb spam filtering.  Many of these people
> are quite computer-literate and they know full well
> that Google is inspecting the contents of their email
> to deliver targeted ads -- but that's a tradeoff
> they're willing to make if it reduces spam.

Most of the spam I receive is pretty obvious from subject line alone.
Google's spam filtering would still have all the headers to work off.

Anyway, I would anticipate spam volumes to be lower if all messages
were encrypted. Would the spammers invest the cpu cycles to encrypt
their messages to each and every recipient? Unless they did it in
fairly small batches, the size of the ciphertext block would be
another spam indicator as they soon grow very large (look at the size
of the messages on PGPNET encrypted to about 40 keys). If they didn't
encrypt at all, their messages would stick out like sore thumbs
because everything else was encrypted. And encrypting the messages but
sending to lots of people who were not included in the encryption
would be completely pointless, since those who can't decrypt it can't
reply or click on links.

> Who says we should promote anything?

I can't say whether or not we should, but most of us spend our lives
promoting things.

> Nobody ever
> elected me Grand Poobah of the Internet.  I don't think
> anyone ever elected you, either.

At times I recommend things like restaurants, films, holiday destinations, pubs,
books, nightclubs, bands. Nobody elected me for that either

> Instead of telling
> people what they should do, what's wrong with giving
> people options and telling them that it's their
> responsibility to make informed choices?

And what's wrong with having safe and sane defaults for those who
choose not to make their own informed choices?

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

Don't cry because it is over - smile because it happened


More information about the Gnupg-users mailing list