> What you list is only valid if all the nodes in the network have the qualities you listed.

I had addressed it with:

>> * Ensure that all of the above also true for your correspondents

Node B is one of your correspondents.

> That's the big fuss (to my mind).

[TIC]
Oh no, ensuring encryption-suitability of your correspondents is not as difficult as you seem to think. All you have to do is prepare a simple checklist and send it to your correspondents in plain text while you're exchanging public keys. And decline exchanging encrypted mails if one of the requirements in the checklist is not met by your correspondent.

In order to make things easier for non-tech people, this checklist should *not* ask questions like "[ ] Is your hardware comprised of only pure libre and audited parts?" That's a tough question for the casual user. Some people may not know what "pure and libre parts" means. Each question regarding encryption suitability (that I have given in my previous message) should be translated into much easier sub-lists, such as:

For hardware:
[ ] Is your CPU Shakti? (if not, please give its name and model)
* What is the name and serial number of your BIOS? [__________]
* What is the name and model of your GPU? [__________]
* What is the name and model of your NIC? [__________]
* What is the name and model of your WiFi? [__________]
* What is the name and model of your modem? [__________]
* What is the name and model of your Bluetooth adapter? [__________]
[ ] Are your USB connectors stuffed with glue? (silicone gum or the like would also do)

A plain and easy sub-list similar to the above should be prepared for each of hardware, software, GPG usage, algorithm security, and key security. It shouldn't take more than a couple of minutes of your correspondent's time. Given the stakes involved, what's a minute?

A small utility might even be written to streamline the process. For me, I would have found it most helpful if the Debian main repository included such a package. Then all I would have to do would be, quite simply, to ask my correspondent "Please run freedom-police and pass me the output".
[/TIC]
