gpg4win expired code signing cert; please renew.

Sun Oct 19 14:37:39 CEST 2025

> I don't care if solely you, some random user on the internet reject 
> it.

It's not just me, and you clearly do.

> This is a good way to use gnupg.

Prove it mathematically.

> What if I want to encrypt a file such that (USERID1), (USERID2), and 
> (USERID3) must all co-operate in order to read the file?  Multiple 
> keys necessary to unlock
> 
> gpg -e -r  USERID1 <  inputfile.txt  | gpg -e -r  USERID2  | gpg -e
> - r USERID3 > output_file.gpg As far as I know there is no better
> way than that provided by GnuPG as an option.

Shamir's secret-sharing protocol.

> You speak as if you invented the crypto or whatever, and I ever
> came for approval.

I'm not a cryptographer. I'm a tolerably good cryptographic engineer.
And you wouldn't spend so much time insisting I take your scheme
seriously if you weren't looking for my approval.

And honestly, that concerns me. You shouldn't want my approval. As you
say, I'm just some random user on the internet: why does my approval
matter so much? Personally, I would much rather you said, "okay, so
that's a hard pass from Rob: would anyone else like to talk the merits
and flaws of this idea?"

You're a human being deserving of dignity and professional treatment.
Your ideas deserve neither. You are not your ideas. This is really
important because good people come up with bad ideas *all the time*.

I used to work at a skunkworks research lab doing digital forensics R&D.
On our whiteboard we kept our two lab rules, things that we credited our
success to:

	1. MOST OF IT IS WRONG.
	2. WE FAIL FASTER.

99% of our ideas were awful and didn't pan out. That's the harsh
reality. We compensated by spotting theoretical problems as early as
possible, building prototypes as soon as the theory was solid, and
testing our prototypes as strenuously as possible. Whenever anyone's
idea turned out to work the entire lab put our names on the paper;
whenever our ideas didn't, we put the notes in our folder of null
results and resolved to not accidentally rediscover that wrong idea
again. (Don't laugh: it happens all the time if you're not keeping a
null folder.)

I recommend the same approach to you.

Your current idea -- maybe it's right! Maybe it's wrong. It falls into
the realm of what Wolfgang Pauli condemned as ideas that "aren't even
wrong": ideas that never showed up ready to be critically examined and
judged.

It all starts with mathematics.

You deserve dignity and professional treatment, but your idea is not
ready to be taken seriously because you have not shown the math. I know
that's hard to hear.

Finally...

> You ignore added risks related to future quantum crypto development 
> at your own peril.

A tip about being taken seriously in the community: most of us react
with laughter to "you'll be sorry if you don't listen to me!".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20251019/d68bf795/attachment.sig>