absolutely nothing to panic over
listofactor at mail.ru
Sun Oct 25 08:40:37 CET 2015
On 10/24/2015 08:52 AM, Robert J. Hansen wrote:
> I know it's popular to say the sky is falling, but it isn't, and this
> kind of scaremongering doesn't help anyone.
I agree that the sky is not falling, at least not for everybody.
I do however believe that we must face the future without the
hocus-pocus of "public key cryptography". *There is no secure
communication over an insecure channel without out-of-channel
bootstrap*. For a while, we thought that we can cheat the laws
of nature with smoke and mirrors: either "trusted third parties"
(a contradiction in term), or public key verification using
devices such as "web of trust" (a Rube Goldberg-esque contraption
if there ever was one in widespread use) or party-to-party key
verification that depended on authentication and information
exchange integrity over an insecure channel. As if that was not
enough, we now see the cracks in the basement: advances in
computing technology are corroding the fundamental algorithms,
one by one...
Fortunately, this process is slow, and there is ample time to
transit. If the sky is falling, it is falling only for those that
deal with the reality by burying their heads in the sand.
More information about the Gnupg-users