Smart card

Robert J. Hansen rjh at sixdemonbag.org
Mon Apr 10 00:27:52 CEST 2017


> I have to admit the replies to this thread have been very informative in
> ways that simple answers just never would be. Here I was trying to get
> "it" "right" the first (thirty-first) time, when it's clear that there's
> no it or right. I am heartened by the dialog and as a result of my
> reading, think that my approach will be fine for my threat vector :).

There's a great quote from _Zero Effect_ that springs to mind.  "There
aren't any good guys!  You realize that, don't you?  I mean, there
aren't evil guys, and innocent guys, and -- it's just -- it's just a
bunch of guys!"

There are very few good practices in communications security, and very
few bad practices.  Mostly, you have to pick from a very mixed bag of
practices.

> But as somebody else on the thread
> mentioned, it's fun trying out the cryptocandy.

That it is, and so long as it's fun I advise you to knock yourself out!

> On another note, while I am totally committed to better understand
> gnupg, I find the bulk of available material in its domain to be
> inconsistent, contradictory, sophomoric, written in faux cryptogeek, and
> generally misleading.  Gems are nearly impossible to find. I have read
> at least a couple of dozen intro to gnupg articles that completely fail
> to arrive at consensus on the fundamentals. What gets encrypted with
> what keys? What is a detached signature and why might I want one?

Suggest questions to be addressed in the FAQ and I'll take a stab.  Our
FAQ needs reorganization -- badly -- but the answers are pretty good, I
think.  Wikipedia actually cites us in a couple of crypto articles.

> I guess what I'm really trying to say is, this "system is so
> eye-poppingly user-unfriendly" that it could use some good, clear,
> accurate, reasonably comprehensive, accessible literature written by
> folks who actually know how stuff works.

So you want someone who isn't just a whiz in cryptogeekery, but has a
detailed knowledge of the OpenPGP spec and how GnuPG implements it,
*and* is a skilled technical writer, *and* has the free time to commit
(conservatively speaking) hundreds of hours of free labor?

You're looking for a unicorn -- but I encourage you to keep looking.  :)



More information about the Gnupg-users mailing list