UI terminology for calculated validities
Hauke Laging
mailinglisten at hauke-laging.de
Wed Apr 23 00:49:37 CEST 2014
Am Di 22.04.2014, 23:40:40 schrieb Peter Lebbing:
> Oh wow. I understand you can make any topic as difficult as you want
> if you put some effort into it,
We do agree that crypto is by its nature difficult (I don't mean the
math I mean the organizational envorinment) and that a serious part of
this difficulty is more or less hidden by current tools (in order not to
scare the users away), don't we?
> but are there seriously people who
> have different keys for different levels of identity verification?
The answer seems to point to the wrong direction as, of course, having
only one (active) key (per address) which is probably the situation for
the majority of OpenPGP users, is just another problem as you cannot
cover the spectrum of common security needs with just one key. You can
even see that on this list where several people do not sign their email.
In at least one case due to the rather strange argument that this would
imply a higher "security" of the message than it really has. The reality
is that this ignores the real problem: The lack of transparency of the
security level (German only:
http://www.crypto-fuer-alle.de/wishlist/securitylevel/).
Thus we should head for most users having several keys. But as dkg has
just pointed out (his suggestion to handle groups of keys belonging to
the same person or organization has already been on this list years
ago): We are technically not yet equipped for handling this. On the
other hand: The current WoT is of little use anyway. But if this is
supposed to change in e.g. five years we have to start to change
something now.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140423/521bfd09/attachment.sig>
More information about the Gnupg-users
mailing list