Proposal of OpenPGP Email Validation

[Kristian Fiskerstrand]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 07/29/2015 01:07 PM, nico at enigmail.net wrote:
> Hmmm,


> There should simply be no overhead in using OpenPGP in the ordinary
> case for the ordinary user.
> 

Any secure system needs proper operational security surrounding it,
that require user awareness. So if security/privacy is a priority,
there needs to be an overhead (it might even serve a purpose as it
reminds the user about the the proper procedures to follow).

Quick example; They can use OpenPGP all they want, doesn't help one
bit if the private keys are stored on the computer, running a 10 year
old version of Operating System XY with so many trojan horses working
on copying the private key data that they are fighting over the
resources on the computer.

To paraphrase Schneier, security isn't a product it is a process.

- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
"Action is the foundational key to all success"
(Pablo Picasso)
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJVuLWrAAoJECULev7WN52FabcH/3NYi5yWdKNZgAmee/gFy6cB
GNVYn1xxK/JI6X0/rJ58OfCbAvzxmDzpM6/FCZJ61uPFFi3UCchqkupaHKdOfkqj
qVsPtavL3jeq4h/2ZXxajHiGFATGZyyO2GMQtB+TzXLwbFijErxrpE9vswBri+HH
rrNRtxZM1rE7LpI0frGCS99wbcv8en0BVG6zafkKq2hA9JNDSzjnxCkqqNcRXDZL
wWhCrdzobdaoxE+TPN8v7IXLdgPeLa4J9MwvT15RiS4lE07bmFuYgmtSWBWJGZQo
ph8mBlii1myCedVe4oTzO5Uu2U3lO7fKi91dXz2/8GGU07TqEWTZLd7TLt6wCGA=
=loYp
-----END PGP SIGNATURE-----