On Wednesday 01 December 2010 05:52:50 Volodya wrote: > On 12/01/2010 02:12 AM, Ian Clarke wrote: > > On Sun, Nov 28, 2010 at 11:08 AM, Volodya <Volodya at whengendarmesleeps.org > > <mailto:Volodya at whengendarmesleeps.org>> wrote: > > > > most Freenet users will at know about things > > like drive encryption or PGP e-mail (if not use them), > > > > This may be the case currently (although its far from certain), but we need > > to > > be working towards Freenet being easy enough for newbies to use, and they > > certainly won't be familiar with drive encryption or PGP. > > > > If we assume that our users are familiar with such things then we are > > basically > > condemning Freenet to obscurity.
Hear hear. Tools that make it easy to do the right thing are the tools that are most secure in practice. > > > > Ian. > > What is the use case where a user does not know about existence of encryption? > Perhaps if Freenet is the first thing the person has encountered seeking > anonymity, and will learn about PGP later. But then teaching that person that > password can be forgotten *and restored* is the last thing you want to do. *IF* the user chooses to set a password, *THEN* we probably should tell them that it cannot be recovered period, since the common situation on the Internet is that passwords can always be recovered. However beyond telling them about this, I don't see that there is a problem. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20101201/cb1c56e4/attachment.pgp>
