I just finished reading the article, I don't know anyone who does all of those
things. most people I know
who are advid GPG users, gen a key, maybe a revoke, upload it to a keyserver
sometimes. and that's about it.
using subkeys, offline keys etc, adds way more complexity to something arguably
that's already complex.
anykind of "best practice", should be simple, so that it encourages a sane
baseline for people. things like
RSA vs DSA, key size etc, should be in it. not a long doc that that has you
doing primary and secondary
keys....
On Tuesday, June 24, 2014 9:24 AM, Robert J. Hansen <r...@sixdemonbag.org>
wrote:
>
>
>> Just for the records: _I_ do not consider the use of a 4096 bit RSA key
>> and a preference for SHA-512 a best practice.
>
>I'll go one step further: I think the article is going to do more harm
>than good.
>
>When young people ask me where to begin programming, I tell them to just
>begin. Don't worry about whether Javascript is better than Python or C
>or anything else: just find something they think is neat and start. The
>most important thing for them is to begin, and the second-most important
>thing is for them to finish what they begin. Only later, once they're
>well and truly on their way, should they start worrying about technical
>details.
>
>The same applies here. The most important thing in using GnuPG is that
>people begin using it; the second-most important thing is that they keep
>on using it. Guides such as these may ultimately do more harm than
>good, in that they tend to lead new users into thinking they *have* to
>do all these things, daunting and maybe even scary things (and let's be
>clear: there's a lot of opaque terminology and technical jargon there!),
>in order to effectively use GnuPG.
>
>Which just isn't true.
>
>The best practice for GnuPG: --gen-key and find a plugin for your email
>client. Everything after that needs to be relegated to an advanced
>class. There's nothing wrong with advanced material: advanced material
>is great. But let's not go about scaring newcomers by making them think
>they need to do and understand all of that.
>
>
>_______________________________________________
>Gnupg-users mailing list
>Gnupg-users@gnupg.org
>http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
>
>
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
