[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: why pgp sucks



>"Perry E. Metzger" <[email protected]> writes:
>>I'll also note, yet again, that unless PGP quits this bad practice of
>>identifying counterparties only by a number, it is NOT going to be
>>universally deployed. Counterparties need to be identified by a name
>>that can be looked up in the DNS -- meaning "[email protected]" rather than
>>some key ident number.
>
>PGP of course looks up keys by strings in addition to numbers.  A widely
>accepted practice is to use <[email protected]> in the user ID which allows the
>lookups to be by internet address.  PGP was intended for use beyond the
>internet, such as in bbs's, fidonet, corporate networks, etc., where DNS
>style addresses may not be useful.
 
I would prefer that PGP would not give out ANY info about addressees.  It 
would seem to me that it is quite a security breach to have PGP dutifully 
tell you to whom it is addressed.  
 
************************************************************
*           Just your basic signature block                *
*                                                          *
*  Al Thompson                                             *
*  Fidonet 1:231/110                                       *
*  [email protected]                                          *
************************************************************