On 2/23/06, Ed Gerck <[EMAIL PROTECTED]> wrote: > Usability should by now be recognized as the key issue for security - > namely, if users can't use it, it doesn't actually work.
There was an informative study on the usability of PGP, here if you haven't seen it: http://www.gaudior.net/alma/johnny.pdf I think the integration with mailers like the one I saw (either outlook or evolution) and graphical key managers like kgpg are almost sufficiently easy to use, especially if one merely fetches a key from a keyserver or webpage and trusts it is correct. To do it properly, one would have to find a chain of keys from oneself to the recipient. There were a few attempts to do this in an automated fashion (e.g. pathserver), and I have been intending to write one that can deal with the myriad of key types, but have not yet found time to do so. In many cases, such a path may not exist. I think the real issue here is that the perceived threat is low enough that it doesn't justify the effort required to learn the concepts and tools. I tried to host a key-signing party here, and many people just couldn't see the utility in attending. I tried to explain the benefits, but ultimately they decide if the benefits are worth the effort, and I am not inclined to force my evaluations of utility onto them, were it even possible. Personally, I guess I enjoy the challenge of doing things securely. There's a maxim somewhere that security has to be done invisibly in order to be successful. I'm not sure, many people still have to present passwords to log in, but it could be argued that they are in large part not fully effective, due to various reasons. I suppose it depends on how you define "successful". > And what I heard in the story is that even savvy users such as Phil Z > (who'd have no problem with key management) don't use it often. A friend once PGP-emailed Garfinkel, who literally wrote the book on PGP (O'Reilly), and he asked him to re-send it without encryption. One time I PGP-emailed somebody well-known in the security world, and they said it was the first time they received an unsolicited PGP-encrypted email. Someone else wrote: > Sure I can, but if you want it to be encrypted to you, then you need to > publish a key. Interestingly, IBE (identity-based encryption) does not have this requirement. Email addresses are valid public keys. Obviously you must trust the server, which is presumably hosted at your corporation or ISP. http://crypto.stanford.edu/ibe/ I'm not sure how much it really buys you; you basically have delegated key generation to the server. Does it avoid the need to get a "path" to the recipient or their server? -- Security Guru for Hire http://www.lightconsulting.com/~travis/ -><- GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]