-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 16-12-02 03:39 AM, Bernhard Reiter wrote: >> so that it's easier for folks unfamiliar to setup and use than >> having to go over the too long material > > Within next year, someone will just need to use an email client > that support the following technical solution: > > https://wiki.gnupg.org/WKD > > This is something the GnuPG team is actively working on. > > Best Regards, Bernhard > > > > _______________________________________________ Gnupg-users mailing > list Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users >
First let me say thank you to the developers of gnupg and all the tools and scripts and everything else that goes into creating and running a project as complex as this. And thanks to all the helpful people on the list. Regarding WKD: I'm sure this will be a great tool for fetching public keys and will make life easier for many people on this list. Thank you for your efforts Bernhard! <Rant> (Putting on fireproof suit :-) ) My personal feeling and opinion however is that public key management is not the barrier to adoption of gnupg for everyday users who would like to increase their security. I believe that outside of the lack of awareness that their privacy is being ignored, the problem is mostly private key management and the unfortunate fact that most of the email clients that most people use on the most popular platforms don't support encrypting and decrypting mail. I'll be the first to admit that I don't know how to make it easy for users to be able to generate a private/public key pair wherein the private key can be stored relatively securely and be available for use with their gmail or other email platform of choice from the desktop, laptop, tablet, and phone. Sure you can use a smart card reader to solve the availability issues but then you have to deal with all the software issues. Most people have no knowledge about any of this let alone the existence of tools like smart card readers. I realize there is an argument to be made that people need to exercise personal responsibility when it comes to their security. But I believe adoption will be limited to the technically adept until we can make using encryption and decryption an understandable and short process for people who only use their computers to run "canned" applications and send mail. (Thinking out loud) I wonder if a solution akin to what the password managers do is possible? Maybe storing a private key in a password manager would work for a lot of users. It's not as if anyone would be forced to do this. Create a partnership with a few of the password managers that would require a key be protected by a 30+ character random password and then users could access their private key from anywhere once they've logged into their password manager. Just a thought and clearly it's not the most secure method but maybe it is secure enough? Still doesn't solve the problem of having gnupg available and integrated on all the different platforms. (keeping fireproof suit on for a while :-) ) </Rant> Thanks for your indulgence and patience :-) Best Regards, Duane - -- Duane Whitty du...@nofroth.com -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJYQYvKAAoJEOJfpr8UVxtkJPgH/1iH2Lk9WFUgE+mkhbJRivsc HnPOzCY+XqWQkWSy7T9kgGddvnf/0jhanApsOnkOiVIUI44XOxuH2dViUbkoEDbj bl+eAjVttVzpyoyVhgwU7jmnsxj4BRvH+6vbTWp3bWt1Cdwz5MTcvsL1nfAgm7zR gAXR251Ul0kL+rFuM/SWe6DXlYoj5ZPWZRpCUR+cuP55PzYJTnoJeAvSMtoktBbH aFDVVyltNJhjikMRTDZ93VJWd0KAytGjCZntnYtwssFbxNkBJIh92ODkEuB8Rj/M mAqnzpKW7TLOjaAFXnD3Nyg4ATy4M3oK0hm+qV6IbTqEjzXspHlw/wubBHwZWfA= =Dm3t -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
