Proposal of OpenPGP Email Validation
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Wed Jul 29 13:14:56 CEST 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 07/29/2015 01:07 PM, nico at enigmail.net wrote:
> Hmmm,
> There should simply be no overhead in using OpenPGP in the ordinary
> case for the ordinary user.
>
Any secure system needs proper operational security surrounding it,
that require user awareness. So if security/privacy is a priority,
there needs to be an overhead (it might even serve a purpose as it
reminds the user about the the proper procedures to follow).
Quick example; They can use OpenPGP all they want, doesn't help one
bit if the private keys are stored on the computer, running a 10 year
old version of Operating System XY with so many trojan horses working
on copying the private key data that they are fighting over the
resources on the computer.
To paraphrase Schneier, security isn't a product it is a process.
- --
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
"Action is the foundational key to all success"
(Pablo Picasso)
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJVuLWrAAoJECULev7WN52FabcH/3NYi5yWdKNZgAmee/gFy6cB
GNVYn1xxK/JI6X0/rJ58OfCbAvzxmDzpM6/FCZJ61uPFFi3UCchqkupaHKdOfkqj
qVsPtavL3jeq4h/2ZXxajHiGFATGZyyO2GMQtB+TzXLwbFijErxrpE9vswBri+HH
rrNRtxZM1rE7LpI0frGCS99wbcv8en0BVG6zafkKq2hA9JNDSzjnxCkqqNcRXDZL
wWhCrdzobdaoxE+TPN8v7IXLdgPeLa4J9MwvT15RiS4lE07bmFuYgmtSWBWJGZQo
ph8mBlii1myCedVe4oTzO5Uu2U3lO7fKi91dXz2/8GGU07TqEWTZLd7TLt6wCGA=
=loYp
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list