[ale] Encrypting a file with multiple users?

JD jdp at algoloma.com
Tue Jul 9 20:08:18 EDT 2013


On 07/09/2013 09:33 AM, leam hall wrote:
> Hey all, what's the current best practice to move a file where the creator and
> recipient are not close by and do not share passwords? Is RSA/DSA public/private
> key still the best? Something else?
>

Best practice doesn't always include "technically feasible" considerations.
There are often human factors which dictate the final solution.  I've tried
using web-file services, gpg email, and found that average people can't deal
with those things.  In the end, a ZIP file with a complex, shared password has
proven to be the easiest method that normal people can understand.

Not the best, but better than nothing, provided the ZIP password can't be brute
forced for a few years. Because a ZIP file can be efficiently brute forced, it
is important to use very long passwords ... 30+ characters is what I use.

Anyway, just a slightly different perspective.


More information about the Ale mailing list