[ale] PGP/GPG Keysigning party! ALE Central November 19th.
Richard Bronosky
Richard at Bronosky.com
Wed Oct 28 12:43:55 EDT 2009
Get people to use GPG? I'd be happy if I could get them to use BCC and
to check Snopes before forwarding emails about onions a flu
prevention.
On 10/28/09, Katherine Villyard <villyard at gmail.com> wrote:
> On Wed, Oct 28, 2009 at 10:41 AM, Jim Lynch
> <ale_nospam at fayettedigital.com>wrote:
>
>> Michael H. Warfield wrote:
>> > Hello all!
>> >
>> > Aaron approached me a couple of days about about running a PGP/GPG key
>> > signing party for the November ALE meeting. Looking back, it looks like
>> > the last one was 6-1/2 years ago! Wow, time flies... Ok... So be it.
>> >
>> I for one would like to know exactly what this activity is good for. I
>> understand that one of the uses of these keys is to be sure an email is
>> from who you think it is. Exactly what activities are you guys involved
>> in that require that level of security? Obviously you are doing
>> something other than sending responses to the various questions/issue on
>> this list.
>>
>> I'm not criticizing, just very puzzled 'cause I have no real idea of a
>> practical use for this level of security.
>>
>> Thanks for the enlightenment.
>>
>
> This, right here, is why I can't get anyone I know to use GPG.
>
> This email traveled various routers plain text to reach your inbox. To
> which everyone I know says, "So? I don't care if George W. Bush/Barack
> Obama/the CIA/the NSA/the Russian Mafia reads my email." And for this
> particular email, which is going to end up in ALE's public archives, so
> what?
>
> However. If you ARE going to send something secret--like, say, financial
> junk, or your ISP emailing you passwords--that means that the only mail in
> your inbox that's encrypted is the mail you don't want people to read. Way
> to be stealthy.
>
> No, the way to be stealthy is to encrypt by default. Then people don't know
> which message is the super secret message, and waste time decrypting
> pictures of your cats and your wife asking you to bring home milk looking
> for the message with the secret stuff in it. And, you know. Maybe I don't
> WANT my emails to my honey flying around plain text, only he refuses to
> encrypt. Then again, he didn't want to use SSL for his pop/imap until I
> opened wireshark and showed him his passwords, so there you go.
>
> As for the keysigning party, there's no guarantee that the key in the
> keyserver is who it says it is. Considering that I can't get my friends to
> use encryption at all, it's unlikely that people are impersonating them,
> but...
>
> Katherine
>
--
Sent from my mobile device
.!# RichardBronosky #!.
More information about the Ale
mailing list