[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Use of PGP---statistics from the public key servers
Peter Kretzman writes:
| I have no idea if these numbers correlate well to actual PGP use
| (these are, after all, just the people who are activist enough to
| post their key on the public key server, which also requires some
| degree of Internet connectivity). If the numbers DO correlate to
| some degree, I thought it was interesting that they appear to show a
| recent decline in usage rather than a steady ramp-up. Is the trend
| toward universal crypto slacking off?
I doubt it. It took me a while to get comfortable enough with
PGP that I bothered sending in my key. I generated it in December,
mailed it to a server in February. Mailing keys to servers is
convienent, but only if you're connected to a web of introducers.
Since I'm not, only one person has signed by key, and I his,
preperatory to some useful work with PGP.
So there really isn't much point to my sending a key to a
keyserver, since, by and large, none of you know who I am.
Admittedly, I could sign all my (2) messages to the list, and start to
gain a reputation connected strongly to a key, but I don't think many
people care if my messages are from me, because I am (effectively)
annonymous. None of you (with a few exceptions) know me, or who I am.
Whoever posts under my name could be me for all you care.
If I was Mitch Kapor, then I might sign messages to ensure
clarity of identity. Since the worst any message claiming to be from
me would do is make me look silly, I don't bother to sign them.
When I use PGP to confirm an identity, I exchange keys & then
fingerprint over the phone. Since I don't know any of you, I don't
have reason to get your keys, nor throw give mine to a server.
So, I think that using the keyservers as a gauge of the
popularity of PGP is not a good idea.
Adam
--
Adam Shostack [email protected]
Politics. From the greek "poly," meaning many, and ticks, a small,
annoying bloodsucker.