Gnupg-users Digest, Vol 184, Issue 22

Robert J. Hansen rjh at
Sun Feb 3 17:48:28 CET 2019

> What I liked about PGPfone was that you could directly connect to your
> communications partner, without any servers involved and it was super
> easy to use. You simply put in the (current) IP address, connect and then
> read some displayed letters to each other, to prevent MITM, and then
> communicated. There was no learning curve involved.

In the era before NAT, this may have made sense.  In today's
NAT-pervasive era, not so much.

Under NAT, your IP address is hidden from the rest of the internet.  The
address my router gives me is not one the outside world can use to route
information to me; and if I go to a website that lists my IP, that's
actually my router's IP, not mine.

I won't go into how NAT works except to say that under NAT, connections
cannot[1] be made from one peer to another.  You need a server that's
not NATted in order to facilitate connections between peers.

So -- I hate to be the one to tell you this, but the architecture of the
internet has changed dramatically since PGPfone was released in ... what
was it, '94?  Today, one of the major purposes of these servers is to
facilitate traversing NATs.

[1] It's technically possible to do peer to peer behind NAT, but beyond
the technical capabilities of the vast majority of users.
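
The NAT behaviour described in the message above, as an added example that is not part of the original post: a toy model of two peers behind separate routers and a rendezvous server that is not NATted. It assumes a port-restricted NAT that reuses one public port per private endpoint; the `Nat` class, the `demo` function and every address are constructed for illustration.

```python
# Toy model of a port-restricted NAT; all addresses are constructed (RFC 5737 ranges).
class Nat:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.next_port = 40000
        self.mapping = {}     # private (ip, port) -> public port
        self.reverse = {}     # public port -> private (ip, port)
        self.allowed = set()  # (public port, remote endpoint) pairs opened by outbound traffic

    def send(self, src, dst):
        """Outbound packet: return the source endpoint the outside world sees."""
        if src not in self.mapping:
            self.mapping[src] = self.next_port
            self.reverse[self.next_port] = src
            self.next_port += 1
        port = self.mapping[src]
        self.allowed.add((port, dst))
        return (self.public_ip, port)

    def receive(self, remote, public_port):
        """Inbound packet: return the private endpoint it reaches, or None if dropped."""
        if (public_port, remote) in self.allowed:
            return self.reverse[public_port]
        return None

def demo():
    alice_nat, bob_nat = Nat("198.51.100.7"), Nat("203.0.113.9")
    alice = bob = ("192.168.1.10", 5000)   # same private address on two different LANs
    server = ("192.0.2.1", 3478)           # hypothetical rendezvous server, not behind NAT
    r = {}
    # 1. Bob dials the router IP Alice read off a website: her router has no mapping for it.
    r["cold_call"] = alice_nat.receive(bob_nat.send(bob, ("198.51.100.7", 5000)), 5000)
    # 2. Both register with the server, which records the public endpoints it sees.
    alice_pub, bob_pub = alice_nat.send(alice, server), bob_nat.send(bob, server)
    r["server_reply"] = alice_nat.receive(server, alice_pub[1])
    # 3. The server swaps the endpoints; each peer sends to the other's public endpoint.
    alice_nat.send(alice, bob_pub)         # opens Alice's side (this packet itself may be dropped)
    r["bob_to_alice"] = alice_nat.receive(bob_nat.send(bob, alice_pub), alice_pub[1])
    r["alice_to_bob"] = bob_nat.receive(alice_nat.send(alice, bob_pub), bob_pub[1])
    return r

if __name__ == "__main__":
    for step, outcome in demo().items():
        print(f"{step:13} -> {outcome}")
```

A NAT that assigns a different public port for each destination would defeat step 3, because the endpoint the server recorded would not be the one used toward the peer.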
