<div dir="auto">For encryption to work, EVERYTHING needs to be encrypted always, no exceptions.<div dir="auto"><br></div><div dir="auto">But most people are barely computer capable and certainly not computer literate. So it's not really an option to use complicated stuff like encryption. For it to really work, it needs to be automatic which negates (partially) the "web of trust" that pki requires.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mar 22, 2017 9:41 PM, "Jeremy T. Bouse" <<a href="mailto:jeremy.bouse@undergrid.net">jeremy.bouse@undergrid.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 3/22/2017 5:02 PM, Alex Carver wrote:<br>
> On 2017-03-22 13:48, Kyle Brieden wrote:<br>
>> I would love to have a key sign party and maybe a talk on PGP theory,<br>
>> why it works, how it works, how to use it, etc... :D<br>
>><br>
>> As far as making it easier to use, <a href="http://keybase.io" rel="noreferrer" target="_blank">keybase.io</a> is just about the most<br>
>> user-friendly implementation I've found thus far. Definitely worth<br>
>> checking out.<br>
> I'm sure it's easy for me to use but I don't have a problem with<br>
> Enigmail either. My parents would have a problem with Enigmail or<br>
> anything command line driven. It would have to be something very well<br>
> integrated with a mail client that is nearly transparent. Engimail<br>
> isn't transparent though it is reasonably integrated.<br>
><br>
> As it is I finally got them to start using a password manager (KeePass)<br>
> which is transparent enough. It reduced the logic level down to "Press<br>
> these three keys anytime you need to log into a website" from what it<br>
> was before ("Go find the Post-It note"). They haven't done all of their<br>
> websites yet but they're slowly changing them. So a PGP workflow really<br>
> has to be that simple to use. The ideal case in that respect is to be<br>
> able to configure the mail client such that "This recipient always gets<br>
> encrypted mail." and everything is sorted out in the background. Since<br>
> there would only be a very select few recipients that would need it, I<br>
> can help them with the initial setup and after that it works in the<br>
> background.<br>
Public key cryptography is not a simple matter. That's really the long<br>
and short of it. I don't use GPG as much to sign my emails these days<br>
as I used to. I never really encrypted that many emails but I would sign<br>
them so they could be verified as coming from me. These days I use<br>
simple S/MIME mostly. For me my GPG usage is much more complex than most<br>
reading this email which is why any GPG/PGP discussion I could put<br>
together would definitely be more than a 101 primer. Those that know me<br>
might agree with that. My primary GPG keys are stored on encrypted USB<br>
drives stored in a fire safe and only pulled out for signing keys and<br>
issuing subkeys. My GPG subkeys are actually generated and live entirely<br>
on OpenPGP smartcards which means a requirement of a smartcard reader<br>
and PCSC daemon. The cards themselves can not be brute forced and they<br>
also serve as my SSH identity keys which is used way more than signing<br>
or encrypting these days.<br>
<br>
<br>______________________________<wbr>_________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer" target="_blank">http://mail.ale.org/mailman/<wbr>listinfo</a><br>
<br></blockquote></div></div>