Essay on PGP as it is used today

Stefan Claas sac at 300baud.de
Thu Jul 18 22:07:33 CEST 2019


raf via Gnupg-users wrote:

> Stefan Claas via Gnupg-users wrote:
> 
> > Andrew Gallagher wrote:
> > 
> > > * And finally: “don’t encrypt email”? Yes, well. Email is not going away.
> > > Just like passwords, its death has been long anticipated, yet never
> > > arrives. So what do we do in the meantime?
> > 
> > I think the biggest problems is how can PGP or GnuPG users tell other users,
> > not familar with email encyrption yet, what else to use ...
> 
> At work, when a client insists on email, and I (or the law)
> insist on encryption, I provide them with instructions for
> installing 7-zip and send them an AES-256 encrypted zip or 7z
> file as an attachment. It's the simplest thing I could think
> of that I thought most people could cope with.

That is simple, indeed. But how do you exchange passphrases for
the encrypted files in advance and do you switch them regularly
or leave them the same when dealing with many clients?

I solved this with using NaCl public keys, bearing no infos of
the key owners and having a little key ring, where I only assign
nicknames to the pub keys. The software I use is box

https://github.com/rovaughn/box

in combination with a base91 encoder / decoder, for ASCII armor,
when sending encrypted emails. 

Before that I also experimented with other tools, like dhbitty,
MiniLock and Pretty Curved Privacy etc. but for me they all had
some disadvantages compared to box.

Regards
Stefan




More information about the Gnupg-users mailing list