[ale] PGP/GPG

Jim Kinney jim.kinney at gmail.com
Wed Mar 22 22:03:03 EDT 2017


For encryption to work, EVERYTHING needs to be encrypted always, no
exceptions.

But most people are barely computer capable and certainly not computer
literate. So it's not really an option to use complicated stuff like
encryption. For it to really work, it needs to be automatic which negates
(partially) the "web of trust" that pki requires.

On Mar 22, 2017 9:41 PM, "Jeremy T. Bouse" <jeremy.bouse at undergrid.net>
wrote:

> On 3/22/2017 5:02 PM, Alex Carver wrote:
> > On 2017-03-22 13:48, Kyle Brieden wrote:
> >> I would love to have a key sign party and maybe a talk on PGP theory,
> >> why it works, how it works, how to use it, etc... :D
> >>
> >> As far as making it easier to use, keybase.io is just about the most
> >> user-friendly implementation I've found thus far.  Definitely worth
> >> checking out.
> > I'm sure it's easy for me to use but I don't have a problem with
> > Enigmail either. My parents would have a problem with Enigmail or
> > anything command line driven.  It would have to be something very well
> > integrated with a mail client that is nearly transparent.  Engimail
> > isn't transparent though it is reasonably integrated.
> >
> > As it is I finally got them to start using a password manager (KeePass)
> > which is transparent enough.  It reduced the logic level down to "Press
> > these three keys anytime you need to log into a website" from what it
> > was before ("Go find the Post-It note").  They haven't done all of their
> > websites yet but they're slowly changing them.  So a PGP workflow really
> > has to be that simple to use.  The ideal case in that respect is to be
> > able to configure the mail client such that "This recipient always gets
> > encrypted mail." and everything is sorted out in the background.  Since
> > there would only be a very select few recipients that would need it, I
> > can help them with the initial setup and after that it works in the
> > background.
> Public key cryptography is not a simple matter. That's really the long
> and short of it.  I don't use GPG as much to sign my emails these days
> as I used to. I never really encrypted that many emails but I would sign
> them so they could be verified as coming from me. These days I use
> simple S/MIME mostly. For me my GPG usage is much more complex than most
> reading this email which is why any GPG/PGP discussion I could put
> together would definitely be more than a 101 primer. Those that know me
> might agree with that. My primary GPG keys are stored on encrypted USB
> drives stored in a fire safe and only pulled out for signing keys and
> issuing subkeys. My GPG subkeys are actually generated and live entirely
> on OpenPGP smartcards which means a requirement of a smartcard reader
> and PCSC daemon. The cards themselves can not be brute forced and they
> also serve as my SSH identity keys which is used way more than signing
> or encrypting these days.
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170322/dd724ee6/attachment.html>


More information about the Ale mailing list