> I have to admit the replies to this thread have been very informative in > ways that simple answers just never would be. Here I was trying to get > "it" "right" the first (thirty first) time, when it's clear that there's > no it or right. I am heartened by the dialog and as a result of my > reading, think that my approach will be fine for my threat vector :).
There's a great quote from _Zero Effect_ that springs to mind. "There aren't any good guys! You realize that, don't you? I mean, there aren't evil guys, and innocent guys, and -- it's just -- it's just a bunch of guys!" There are very few good practices in communications security, and very few bad practices. Mostly, you have to pick from a very mixed bag of practices. > But as somebody else on the thread > mentioned, it's fun trying out the cryptocandy. That it is, and so long as it's fun I advise you to knock yourself out! > On another note, while I am totally committed to better understand > gnupg, I find the bulk of available material in its domain to be > inconsistent, contradictory, sophmoric, written in faux cryptogeek, and > generally misleading. Gems are nearly impossible to find. I have read > at least a couple of dozen intro to gnupg articles that completely fail > to arrive at consensus on the fundamentals. What gets encrypted with > what keys? What is a detached signature and why might I want one? Suggest questions to be addressed in the FAQ and I'll take a stab. Our FAQ needs reorganization -- badly -- but the answers are pretty good, I think. Wikipedia actually cites us in a couple of crypto articles. > I guess what I'm really trying to say is, this "system is so > eye-poppingly user-unfriendly" that it could use some good, clear, > accurate, reasonably comprehensive, accessible literature written by > folks who actually know how stuff works. So you want someone who isn't just a whiz in cryptogeekery, but has a detailed knowledge of the OpenPGP spec and how GnuPG implements it, *and* is a skilled technical writer, *and* has the free time to commit (conservatively speaking) hundreds of hours of free labor? You're looking for a unicorn -- but I encourage you to keep looking. :) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users