On 09/09/2013 05:17 PM, Ted Lemon wrote:
On Sep 9, 2013, at 4:11 PM, Dan York <dan-ietf(_at_)danyork(_dot_)org> wrote:
Even in the groups where PGP was (and is) being used, usage is
inconsistent in part because people are now accessing their email
using different devices and not all of them have easy access to
PGP/GPG. If you receive an encrypted message... but can only read
it on your laptop/desktop and not your mobile device, and you are
not near your laptop/desktop, how useful is the encryption if you
need to read the message? You have to either wait to get back to
your system or ask the person to re-send unencrypted.
It might be worth thinking about why ssh and ssl work so well, and
PGP/GPG don't.
Just a quick guess: SSL works automagically, PGP doesn't. So even if the
user doesn't care, SSL is there. PGP, OTOH, usually requires explicit
installation of a plug in and weird stuff (for mere mortals) such as
generating keys, etc.
ssh is typically use by techie people, that realize that e.g. doing
remote login is a bit crazy -- so if you're going to do remote login,
you're certainly going to use ssh (additionally, support for telnet is
disabled by default). OTOH, how many encrypted and/or authenticated
emails does an average user sends a year?
(Not to mention the fact that at the end of the day, you can manually
check the ssh keys "once and for all" in a secure way, whereas with PGP
it's *extremely* often that people that use PGP don't get the habit of
sharing their keys in a secure way when they have the chance to -- for
instance, why doesn't everyone include their fingerprint on their
personal cards?)
Cheers,
--
Fernando Gont
SI6 Networks
e-mail: fgont(_at_)si6networks(_dot_)com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
--
Fernando Gont
e-mail: fernando(_at_)gont(_dot_)com(_dot_)ar ||
fgont(_at_)si6networks(_dot_)com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1