[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: why pgp sucks

To: [email protected] (Eric Hollander)
Subject: Re: why pgp sucks
From: Robert Rothenburg Walking-Owl <[email protected]>
Date: Fri, 10 Feb 95 17:28:48 EST
Cc: [email protected]
Disorganization: State University of New York at Stony Brook
In-Reply-To: <[email protected]>; from "Eric Hollander" at Feb 10, 95 10:49 am
Mailer: Elm [revision: 66.25]
Sender: [email protected]

> 
> if i use a command like
> 
> 	pgp filename
> 
> it will automatically figure out the right thing to do with the file.  if
> it's encrypted, and i have the key, it will attempt to decrypt it.  if it
> contains keys, it will ask if i want to add them to my keyring.  if it's
> signed, it checks the signature.
> 
> this sucks!

From whose point of view? Remember the thread about Getting things right
v. Getting the software out?

The above way is easier for most people with little computer techie
knowledge. Requiring a whole complex set of commands would mean less
PGP users.

As people get used to it and learn about the issues, key management,
etc. they'll be more willing to use a more advanced version of PGP...
at the very least, they'll eventually RTFM and realize that you actally
have more control of what it can do...

Rob

> if i'm trying to write a program to automatically process incoming mail (for
> instance, to see if it's encrypted with a specific key), i certainly don't
> want to have the possibility of people being able to add garbage to my
> keyring just by mailing it to me.

Have your program check what's in the mail before doing anything with it...?

References:
- why pgp sucks
  - From: Eric Hollander <[email protected]>

Prev by Date: Laws, Feds, & the Internet
Next by Date: Re: why pgp sucks
Prev by thread: Re: why pgp sucks
Next by thread: why pgp sucks
Index(es):
- Date
- Thread