Hauke Laging <mailinglis...@hauke-laging.de> writes: > Or does anyone really claim that a relevant amount of new gnupg users > has a clue about the need of protection the secret keys which are > usually stored in rather unsafe environments? I assume that most new > users believe: "Great technology. Now my data is really safe."
I agree with this mostly, however: > Being consequent gpg without --expert should ask during each key generation: > 1) Are you REALLY sure you don't want to create this key on a smartcard? > 2) You are running Windows / X / have network access / a kernel older than > four days. Are you REALLY sure you want to create a key in THIS environment? That's a bad exaggeration. We shouldn't be the ones choosing what is "secure enough" and we shouldn't nag the user either (what hindrance to adoption). I could be REALLY sure I don't want to create _this_ key on a smart-card if a smart-card is overkill in my context. Would you consider the ability to create a key on-disk to be a feature? A lot of people (myself included) would. Forcing people to use a smart-card wouldn't be accepted, and neither should forcing people to not use hashed uids. It's a feature -- whether you choose to use it or not, that's up to you. Now if you were sarcastic, that's a different matter altogether. I also like pink elephants! -- PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
pgp47qYBa6kBj.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
