German ct magazine postulates death of pgp encryption

Patrick Brunschwig patrick at enigmail.net
Sun Mar 1 17:21:22 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 01.03.15 16:38, Kristian Fiskerstrand wrote:
>>> In general I believe this to be an insufficient form of 
>>> identification that really doesn't provide much of anything 
>>> useful, but at least the PGP keyserver does it reasonably sane
>>> in its methodology by creating a signature from their CA on
>>> the key. Whether you put any merit to having such a CA
>>> signature or not is left up to the user (excluding for now the
>>> "fun" related to the spammy number of signatures from it)
> 
>> Yes, I know. The re-confirmation every few months together with 
>> re-signing the keys is among the things I dislike about 
>> keyserver.pgp.com. But in general, I think that keyservers need
>> to go in that direction if we want to enable easy use of OpenPGP
>> in email (which requires in some way or another to download
>> missing keys automatically).
> 
> You wouldn't need the keyservers to be involved in this at all.
> Anyone could set up such a mail verification CA outside of the
> keyserver network.

Perfectly correct, yes. This is exactly what I'm proposing. I believe
that the current keyserver network cannot do this. I just don't have
the time to (also) work on this...

- -Patrick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJU8zyAAAoJENsRh7ndX2k7cNAQAJXErgNTCbTqEwhtUcW0l7KR
hfchokWcOfgdMmNIKz9A2AD8mQ7Ckdxmn/ANGzNLSzZHjCT4+npjdEe/Q0XxcUf6
ajtntcQsdUBvpC/K4gPDg+V1g3EEZkUPHDeKvgCWvZIQ+57zjsg6T/0c4EEfdNWP
jwZDceP17wsLcTy3OdHhVrMJkgF/HFR4GaGzWNUzBFxtfeoK7kNhkvxKDbhajmcY
wiCgzz++cZmi7T4tf/hrdi65zB9zxzIOgvfeJvDpuuCUAGGYNtofJrIL4H3RNlSc
LfEmbpIwEfJltgeaEpfHBRzTtbxzAr7STvYSQNBwcCb+ksa2EWLzpPjbTfBUWaMt
91oW/qrW2TcEPxPHxnR1dlrAVmm3gE253plO8rljllr5csrUgLiT7tGalAwxv5Es
ITycw3lWUoxDRA1enqHnRgeig3MQNLGqZ5hbFYTs5sHYbKcpHG5Gl4TVnRKIWyCj
KMuXqy1ibV5kIlbP70D/g5Ss2M3iUyYl/tHf1pA5WKMU2EguLL42A9LCIPkqMFO7
5a1+xRAo1ZzkHpNUgACI73F/IuNTPXA7bPSa298sLB55teNFjWK5N8oPPs03e4OQ
W3oEoENnhgdUmDNd5soiM3yVgabGw8vBQC+/PD9Uz9Ee8AnxspxhQMdYacE467fJ
0ALTnk9tVO6Qt3vCjR3J
=Mejp
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list