please give us safer defaults for gnupg

Werner Koch wk at
Tue Dec 17 10:43:34 CET 2013

On Tue, 17 Dec 2013 00:11, adrelanos at said:

> compatibility, you can never reduce complexity. Less complexity means
> more simplicity, thus perhaps more usability. In my experience, projects

[ You may want to start getting rid of software which is run on your
  computer without you being in control of it (noscript seems to be the
  Anti-virus software counterpart for the Web) ]

> Please tell me, what kind of argument would you accept? I guess you'd
> like to see loads of happy gpg users, gpg for the masses, etc. Would
> numbers convince you? I mean, What if alternative projects such as

The next step will be the move to ECC which increases the security while
at the same time reducing the computation load and allowing for really
short keys (e.g. 32 bytes)

> Bitmessage etc. managed to get far more users while gpg passes into
> oblivion [while they objectively provide more/less security]?

There are many systems with more users than gpg.  Actually most systems
have more users.  Think of Skype, Bittorrent, or even Jabber.  I believe
GnuPG is still a useful tool, much like zip or tar.  As with many
infrastructure systems you will notices it only if it stops working.  No
more off-line credit card processing, hardware supply chains breaks, no
way to detect tampered software distributions etc, no way to send
account data.  It is easy for centralized or semi-centralized systems to
get usage statistics, for PGP (and to a less degree for S/MIME) it is
much harder to get the figures.  There are may keyservers running inside
of many companies.



ps.  As a minor data point that OpenPGP is getting more attention might
be the fact that the German Home Office has come around to prominent
publish a PGP key at their contact page (576D4411C9AD3034).  Funnily
wrapped into a ZIP file, though.  No hints for S/MIME or other
encryption methods.

Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list