German ct magazine postulates death of pgp encryption
Johan Wevers
johanw at vulcan.xs4all.nl
Sat Feb 28 13:22:19 CET 2015
On 27-02-2015 16:57, Mark H. Wood wrote:
> It's always good to look for patterns that lead to useful
> simplification. But there comes a point at which no further
> simplfication can be done without making the system less useful.
Well, in making it more beginner friendly, I imagine a system that does
not bother the user with complexities about whan to sign someone's key
to which degree, but after install:
1. The beginner friendly installer notices there is no secret key yet ->
create one automatically and upload it to the keyservers. To make the
experience as easy as possible perhaps even offer to use no password on
the key so it does not need to ask for a password when opening mail
(with a warning that this could give problems if losing or confiscating
the computer is part of the threat model).
2. It notices 2 email programs -> offer to integrate a plugin in both
and set the defaults to sign and encrypt when the receiver has a public
key on the servers. I agree that for webmail solutions this might be
difficult but plugins for browser automation do exist (usually aimed at
unit testing of websites).
This approach might lead to issues, like targeted attacks with false
keys and stolen computers, but it would get the number of encrypted
emails up. At least the mails would be safer in transit and at the mail
provider.
--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users
mailing list