hashed user IDs
Jerome Baum
jerome at jeromebaum.com
Tue Mar 22 16:08:36 CET 2011
Hauke Laging <mailinglisten at hauke-laging.de> writes:
> Or does anyone really claim that a relevant amount of new gnupg users
> has a clue about the need to protect the secret keys which are
> usually stored in rather unsafe environments? I assume that most new
> users believe: "Great technology. Now my data is really safe."
I agree with this mostly, however:
> Being consequent gpg without --expert should ask during each key generation:
> 1) Are you REALLY sure you don't want to create this key on a smartcard?
> 2) You are running Windows / X / have network access / a kernel older than
> four days. Are you REALLY sure you want to create a key in THIS environment?
That's a bad exaggeration. We shouldn't be the ones choosing what is
"secure enough" and we shouldn't nag the user either (what a hindrance to
adoption). I could be REALLY sure I don't want to create _this_ key on a
smart-card if a smart-card is overkill in my context.
Would you consider the ability to create a key on-disk to be a feature?
A lot of people (myself included) would. Forcing people to use a
smart-card wouldn't be accepted, and neither should forcing people to
not use hashed uids. It's a feature -- whether you choose to use it or
not, that's up to you.
Now if you were sarcastic, that's a different matter altogether. I also
like pink elephants!
--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
More information about the Gnupg-users mailing list