Making the case for smart cards for the average user

Joey Castillo jose.castillo at gmail.com
Sat Mar 14 23:37:18 CET 2015


On 13/03/15 17:20, Robert J. Hansen wrote:
> (ObWarning: no facts, just opinions.)
>
> I think the biggest problem we face, to be honest, is our conviction
> that there's an answer out there and we just have to find it.
> ...

Thanks for your thoughtful response. I think it's absolutely true that
different people have different security needs, but I wonder if we
can't make progress for an average person's use case.

I'm recalling a message you wrote some months ago making the point
that GnuPG is a cryptographic toolbox, but that it does not provide
policy. That's one of the things I've been trying to get at with this
project, writing guidelines for the people who participate on how they
should use the tools. The goal is to simplify not just everyday things
like how to make a key or encrypt an email, but also more complex
things like "what is my identity and how do I verify it?" [1]

I'm certain that this is not "the answer" for everyone's use case, and
I also know that even if this Kickstarter project gets funded, the end
result will be a small community, not a world-changing critical mass
of people. But it might provide a collaborative place where we can
test out a policy framework and see how well it performs for people
who aren't as intimately familiar with the tools.

That's the thing that excites me, and the thing that I think might
make a difference. Because if the human rights worker in Syria wants
to communicate securely with, say, an academic in the U.S., we have to
figure out a simple way to introduce that person to the tools as well.

[1]: https://github.com/josecastillo/signet/blob/master/guidelines.md#certification-and-trust

-- 

Joey Castillo
www.joeycastillo.com



More information about the Gnupg-users mailing list