We have GOT TO make things simpler

Tony Lane codeguro at gmail.com
Sat Oct 5 22:57:44 CEST 2019

Hash: SHA512

On 10/5/19 7:19 AM, Werner Koch via Gnupg-users wrote:
> On Sat,  5 Oct 2019 12:15, Stefan Claas said:
>> installing MUAs and plug-ins, besides of GnuPG) point them to the FAQ as
>> learning resource and then show them as modern alternative Mailvelope
> And don't forget to point them to all the HOWTOS and RFCs required to to
> use and admin a MUA, sendmail, and the net configuration to name just a
> few.  The point here is that you falsely compare a system tool with an
> end user visible interface.

Thank you. This was exactly the point that set me off in my first message.
The standalone GnuPG interface was never meant for those kinds of end-users.
It was meant for power-users, system administrators, developers, and other
folk who know their way around the terminal. If we want, say, an elegant
graphical user interface for your average Joe, then that's a discussion to
be had. But it's not an issue with GnuPG, per say. Applications that
interface to GnuPG are responsible for _that_ burden. You don't go complain
to OpenSSL devs when it's difficult to attain a secure connection to
some website unless it's a technical issue with OpenSSL.
No, you complain to Mozilla (or whoever made your browser of choice) or
to Github admins. OpenSSL (or NSS, whatever your tool of choice) is just
a back-end utility that non-tech-folk who don't know what they're doing
should -never- interface to. And it's not because it's a difficult tool
to use (it is), but because it's not intended for them. Dumbing the
interface down, _especially_ if it compromises its security or our level
of control over it, is a recipe for disaster. 



More information about the Gnupg-users mailing list