On Wed, 2015-04-08 at 09:05 -0400, Phillip Hallam-Baker wrote:
> If I could remember my passphrase then I would not need to revoke.

Which is why people have long been advised to create their revocation
when they create their key.

> My point here is that if we want to get a billion people using
> encrypted mail then it has to offer iPhone class usability, not OK for
> 1990s usability.

Crypto is not an iPhone.
Just accept that you can't make a system securely usable if people
aren't willing to learn how it works and put some effort into it.

> Since key
> server enrollment can be made automatic, it would be pretty easy to
> renew the enrollment once every n months and discard keys that have
> not been renewed for 5 years or for more than a year if there is a
> replacement key.

Removing a key (and its associated information like revocations or other
signatures) from the keyservers is generally a break of security, as it
allows for blocking or similar attacks.
An attacker could get a valid key removed just by blocking keys that
haven't been "renewed".

Chris.
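To make the objection above concrete, here is a small simulation (added here; not code from the thread, from any keyserver, or from either author) of the "renew every n months, discard after 5 years, or after 1 year if a replacement exists" rule. It models a keyserver that honours that rule, a client that renews monthly, and an adversary that can drop the renewals for one chosen key. The fingerprints, dates and renewal interval are constructed for illustration and are assumptions, not values from the thread.

```python
# Simulation of the proposed keyserver renew-or-discard policy and of what
# happens when renewals for one key never reach the server. Fingerprints
# and dates are constructed placeholders (assumption), not real keys.
from dataclasses import dataclass, field
from datetime import date, timedelta
from typing import Dict, FrozenSet, List, Optional

YEAR = timedelta(days=365)


@dataclass
class KeyRecord:
    fingerprint: str                   # constructed label, not a real fingerprint
    last_renewed: date
    revoked: bool = False
    replacement: Optional[str] = None  # fingerprint of a successor key, if any


@dataclass
class Keyserver:
    keys: Dict[str, KeyRecord] = field(default_factory=dict)

    def enroll(self, fpr: str, today: date, replacement: Optional[str] = None) -> None:
        self.keys[fpr] = KeyRecord(fpr, today, replacement=replacement)

    def renew(self, fpr: str, today: date) -> None:
        """Automatic client-side renewal; if it never arrives, nothing happens."""
        if fpr in self.keys:
            self.keys[fpr].last_renewed = today

    def revoke(self, fpr: str) -> None:
        if fpr in self.keys:
            self.keys[fpr].revoked = True

    def is_revoked(self, fpr: str) -> Optional[bool]:
        """None means the server no longer knows the key at all."""
        rec = self.keys.get(fpr)
        return None if rec is None else rec.revoked

    def purge(self, today: date) -> List[str]:
        """The proposed discard rule: drop keys not renewed for 5 years, or for
        more than 1 year when a replacement exists. The record, and with it
        any revocation the server held for that key, is deleted outright."""
        dropped = []
        for fpr, rec in list(self.keys.items()):
            limit = YEAR if rec.replacement else 5 * YEAR
            if today - rec.last_renewed > limit:
                dropped.append(fpr)
                del self.keys[fpr]
        return dropped


def run_scenario(blocked: FrozenSet[str] = frozenset()) -> dict:
    """Six years of monthly renewals with purges at year 2 and year 6.
    `blocked` is the set of keys whose renewals an adversary silently drops."""
    ks = Keyserver()
    start = date(2015, 1, 1)
    # A valid key that has a successor (rotation in progress), the successor,
    # and a key whose owner published a revocation and then stopped using it.
    ks.enroll("ROTATED-KEY", start, replacement="SUCCESSOR-KEY")
    ks.enroll("SUCCESSOR-KEY", start)
    ks.enroll("REVOKED-KEY", start)
    ks.revoke("REVOKED-KEY")
    result = {}
    for month in range(1, 73):
        when = start + timedelta(days=30 * month)
        for fpr in ("ROTATED-KEY", "SUCCESSOR-KEY"):
            if fpr not in blocked:          # the dropped renewal never lands
                ks.renew(fpr, when)
        # nobody renews a revoked key; it relies on the server keeping it
        if month == 24:
            result["dropped_at_2y"] = ks.purge(when)
    result["dropped_at_6y"] = ks.purge(start + 6 * YEAR)
    result["revocation_still_visible"] = ks.is_revoked("REVOKED-KEY")
    return result


if __name__ == "__main__":
    print("honest renewals:", run_scenario())
    print("renewals blocked for ROTATED-KEY:", run_scenario(frozenset({"ROTATED-KEY"})))
```

With renewals flowing, nothing is purged at year 2; with the renewals for ROTATED-KEY dropped, that still-valid key is gone after the one-year limit for keys with a replacement, exactly the outcome the message warns about. The year-6 purge shows the second problem even without an adversary: a revoked key is never renewed by anyone, so the rule discards it and a later lookup returns "unknown" instead of "revoked". A keyserver that wants to age out data safely has to keep revocations (and the identity of the key they apply to) regardless of renewal state.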
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp