FAQ: seeking consensus

Steffen Nurpmeso steffen at sdaoden.eu
Sat Oct 19 22:46:43 CEST 2019

Hello Tony.

Tony Lane via Gnupg-users wrote in <b6c13393-e28a-34d3-1907-a3bcd4608f19\
 |On 10/18/19 2:12 PM, Steffen Nurpmeso wrote:
 |> (redacted)... there are drugs and other specialists which
 |> can make you talk and reveal that presence.  At some later time
 |> i would expect a court order to access log etc. data in and of the
 |> brain implant will increase personal rights and freedom.
 |Not exactly. Actually, this is precisely why I find public key 
 |cryptography so cool. If you do not explicitly add your own address
 |to the list of recipients, you will not be able to decrypt the message!

But wait, that is a frantic scenario.

 |This may sound silly, but you may want to write something to someone
 |that you cannot ever possibly be compelled to decrypt. It will be 
 |impossible for you to decrypt, even though you wrote it and encrypted
 |it and even if you have the file in your possession and even if you
 |have all your secret keys and you know all of your own passwords
 |and have them written down. You can smile serenely while they're
 |beating you with a rubber hose, knowing that you can't endanger the
 |lives of your sources, nor give up your rights, even if you felt like
 |that might be entertaining for a change. This is also exactly why
 |governments find it such threat - the idea we have a way to truly,

I find that overly optimistic.  It brought two visual film
impressions, one is the poor guy from within the crate in Pulp
Fiction, that is how you end if you run out of hopes at some time,
it seems.  The other was a French film of a Basque revel (or
freedom fighter if you want to), who was finally caught and
interrogated under drugs.  The drugs made him see (he was a host
before), unfortunately the film ends thereafter with him in
a straitjacket hammering the back of his head against the pad in
some cave cell, trying to get rid of a lot of side channel attacks
(my impression, entirely others may have seen a man gone grazy).

 |securely communicate in a way they cannot prove who sent what
 |terrifies them. It's also what lead to the US trying to classify
 |such crypto as a military munition, which was later repealed in court
 |in Bernstein vs US Department of State. They're trying to bring it
 |back though (hah, fat chance)!

Oh yes, i also have the impression that hysteria gains currency.
A lot of which surely is tactics to gain momentum against chinese
made and designed communication hardware, nevermind the extra
costs of kindling.  (I for one think it is just undemocratic and
antisocial if only one party can spy.  And they all do, more or
less, right.)

And we see ambitions to forbid crypto, or to allow only crypto
with backdoors.  I personally think this will come some day, just
like the implant will, the benefits are too large, just think
about the possibility to get the entire medical history and
current state of a person in an emergency situation.  Criminals
which go to prison by themselves, what do i know :)

 |> Btw., you use autocrypt headers, in this mail of yours there are
 |> thus two certificate keys included.  Unfortunately my MUA not yet
 |> can either of them, and will not before next spring.
 |> At that time we will support PGP/MIME and inline signed/encrypted
 |> messages (even though it will not be nice until some later
 |> time).  And will have a look into OpenPGP: headers.  But not
 |> autocrypt, no.
 |I didn't realize there were people in this mailing list who didn't
 |use it. Well, I turned it off here... that better?

"Thank you" ^_^.  I think yes!  No, i would not, i think it is
a strange thing, of course public keys must come from somewhere,
but passing several hundred or so bytes in each and every mail
message seems like a weird thing to do.  Especially if the key is
shipped alongside the message already, and then headers can be
spoofed, so autocrypt makes sense alongside dkim and such third
party signing environments, which i also dislike, in the form they
come.  (I would prefer a CMS message envelope i think, but sure,
this requires MIME messages.)  I mean, if i want to have signed
communication with someone, i could very well just send her or him
a signed message saying so, and then the key is also where it
belongs, no?  Strange thing...

|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

More information about the Gnupg-users mailing list