UI terminology for calculated validities

Hauke Laging mailinglisten at hauke-laging.de
Wed Apr 23 00:49:37 CEST 2014


Am Di 22.04.2014, 23:40:40 schrieb Peter Lebbing:

> Oh wow. I understand you can make any topic as difficult as you want
> if you put some effort into it,

We do agree that crypto is by its nature difficult (I don't mean the 
math I mean the organizational envorinment) and that a serious part of 
this difficulty is more or less hidden by current tools (in order not to 
scare the users away), don't we?


> but are there seriously people who
> have different keys for different levels of identity verification?

The answer seems to point to the wrong direction as, of course, having 
only one (active) key (per address) which is probably the situation for 
the majority of OpenPGP users, is just another problem as you cannot 
cover the spectrum of common security needs with just one key. You can 
even see that on this list where several people do not sign their email. 
In at least one case due to the rather strange argument that this would 
imply a higher "security" of the message than it really has. The reality 
is that this ignores the real problem: The lack of transparency of the 
security level (German only:
http://www.crypto-fuer-alle.de/wishlist/securitylevel/).

Thus we should head for most users having several keys. But as dkg has 
just pointed out (his suggestion to handle groups of keys belonging to 
the same person or organization has already been on this list years 
ago): We are technically not yet equipped for handling this. On the 
other hand: The current WoT is of little use anyway. But if this is 
supposed to change in e.g. five years we have to start to change 
something now.


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140423/521bfd09/attachment.sig>


More information about the Gnupg-users mailing list