
PGP/MIME use (was Re: META)
On 1/30/12 6:09 PM, John Clizbe wrote:
> I always get a chuckle every time I read someone writing that inline signing is
> somehow "deprecated." Strangely enough, the only place I can find the
> origination of such an idea is in the PGP/MIME RFC 3156 itself which strikes me
> as somewhat self-serving. Deprecation is not mentioned in the OpenPGP standard
> RFC 4880.

Well, in defense of that interpretation, RFC4880 just specifies a packet
format and ASCII armoring -- it's deliberately silent on everything from
RFCx822 integration to concerns about using it as the basis for disk
encryption products.

I would favor seeing an "OpenPGP best practices" RFC. 4880 tells us
what's legal OpenPGP traffic, but says nothing about what's worthwhile.

> I use PGP/MIME when I know a mailing list supports it and inline when I know it
> doesn't. I use PGP/MIME if I know the recipient's MUA supports it, inline otherwise.

This comes fairly close to my own practices, with one significant
exception: since it's almost impossible for me to know whether all the
MUAs used on a mailing list support PGP/MIME, I feel it's better for
mailing list traffic to be inline.

Of course, I really feel it's better for mailing list traffic to not be
signed at all, since usually all it gives us is a false sense of
security. A signature from an unvalidated key belonging to an unknown
person whom we don't know from Adam doesn't mean much, if anything at all.


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: PGP/MIME use (was Re: META)
On Mon, 30 Jan 2012 18:40:08 -0500
Robert J. Hansen articulated:

> This comes fairly close to my own practices, with one significant
> exception: since it's almost impossible for me to know whether all the
> MUAs used on a mailing list support PGP/MIME, I feel it's better for
> mailing list traffic to be inline.

I take the opposite approach. Due to the way "inline" messes up the
format of a message, and obviously renders the "sig-delimiter" useless,
I prefer to use "PGP/MIME". Plus, so many morons, I could use
"intellectually challenged" if you prefer, fail to trim a replied-to
message; i.e., they leave all of the superfluous "inline" garbage plus
other parts of the replied-to message intact rather than strip it out,
which just adds to the annoyance factor.

Supporting the "inline" method is like supporting a grown child. If you
keep supporting him/her, they will never leave home. Stop supporting
them and they will leave. The same is true for "inline" PGP. If support
for it were to cease, it would also.

> Of course, I really feel it's better for mailing list traffic to not
> be signed at all, since usually all it gives us is a false sense of
> security. A signature from an unvalidated key belonging to an unknown
> person whom we don't know from Adam doesn't mean much, if anything at
> all.

I totally agree. I have never seen or heard any logical excuse for the
signing of list traffic. What am I going to do, attempt to use the
identity of another poster? What purpose would that serve anyway? As
you so eloquently pointed out, "A signature from an unvalidated
key belonging to an unknown person whom we don't know from Adam doesn't
mean much, if anything at all."

By the way, "unvalidated" is probably not a word; at least according to
Merriam-Webster <http://www.merriam-webster.com/dictionary/unvalidated>.

--
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________
Never forget: 2 + 2 = 5 for extremely large values of 2.

Re: PGP/MIME use (was Re: META)
> Supporting the "inline" method is like supporting a grown child. If you
> keep supporting him/her, they will never leave home. Stop supporting
> them and they will leave. The same is true for "inline" PGP. If support
> for it were to cease, it would also.

That was the idea behind the question I posed about Enigmail's inline default setting. I understand the replies, but it's similar to iOS devices and Flash support. Only since Adobe got some pressure from the market has Flash been under development and become a little more effective (and also superfluous, since HTML5 is working just fine).

Sometimes, if the right parties decide to no longer support an old standard, the software that does not support the new (better) standard will die or get improved, but I'm not sure I wanna wait for Microsoft to properly program their mail client. They obviously have enough money to throw at that problem but decide not to.


>> Of course, I really feel it's better for mailing list traffic to not
>> be signed at all, since usually all it gives us is a false sense of
>> security. A signature from an unvalidated key belonging to an unknown
>> person whom we don't know from Adam doesn't mean much, if anything at
>> all.

You at least know that the person with that key is the author. That is some information. Should I still stop signing list mails? So far, I used to do that because I thought people then could check, and if my key is signed by someone they know, it's a lot of important information, right?

all the best, steve
Re: PGP/MIME use (was Re: META)
On 31/01/12 16:23, Steve wrote:

> You at least know that the person with that key is the author. That is some information. Should I still stop signing list mails? So far, I used to do that because I thought people then could check, and if my key is signed by someone they know, it's a lot of important information, right?

Unless there is an official policy against signing list mail I'd suggest
you continue doing whatever you want. I myself intend to.

IMO, if there's one place you should be able to sign email, it's the
GnuPG users mailing list. It's called dogfooding.

--
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
Re: PGP/MIME use (was Re: META)
On Tue, Jan 31, 2012 at 05:23:59PM +0100, Steve wrote in
<946FFFC5-A191-4073-9D69-FC7FDC6950B7@gpgtools.org>:
>>> Of course, I really feel it's better for mailing list traffic to not
>>> be signed at all, since usually all it gives us is a false sense of
>>> security. A signature from an unvalidated key belonging to an unknown
>>> person whom we don't know from Adam doesn't mean much, if anything at
>>> all.
>
>You at least know that the person with that key is the author. That is
>some information. Should I still stop signing list mails? So far, I used
>to do that, because I thought people then could check and if my key is
>signed by someone they know it's a lot of important information, right?

I appreciate signed mails on this list (and any other lists). Most
problems these days on the internet are, in my opinion, related to people
being completely anonymous. If you stand behind your words, show so by
signing your posts.

Cheers,

Remco
Re: PGP/MIME use (was Re: META)
On 01/31/2012 11:23 AM, Steve wrote:
> Sometimes if the right parties decide to no longer support an old
> standard the software that does not support the new (better)
> standard will die or get improved...

This works if and only if the "right parties" are a large enough market
to push implementations around like that. Enigmail isn't. Assume we
have 50,000 installations. (This sounds like a lot, but it's a pale
shadow compared to GnuPG installations.) Of those, maybe 5,000 are
serious users and the rest are casual ones, people who saw it on Mozdev
and got intrigued and installed it and never really did anything with
it. Those 5,000 users don't represent a single bloc, though: they're
spread out through a whole lot of different communities, where they
represent extremely small minorities within those communities.

As a for-instance, on my old high school class's mailing list I'm pretty
sure I'm the only person who's even heard of Enigmail. If I were to
tell the list maintainers, "you need to upgrade your version of Mailman,
it's breaking my PGP/MIME signatures," the response I'd get would
probably be, "what's PGP/MIME, and why is it important, and why do all
your messages have those weird attachment things on them, anyway?"

> You at least know that the person with that key is the author. That
> is some information.

No, you don't.

A few years ago on PGP-Basics one user threw a screaming fit over how
many users were not signing our posts to the list. He insisted that
signatures were meaningful, that they proved the person with that
certificate is the author, and so on.

John Clizbe, John Moore and I conducted a little experiment. We created
a single certificate. All three of us used the exact same certificate
to sign our posts to PGP-Basics. The person who was most up in arms
about our lack of signing was placated, and thanked us for seeing the light.

It was another few months before anyone realized we were all using the
same certificate.

Honestly, up until that point I thought that maybe there was some
utility to mailing list signatures. Maybe. That experiment changed my
mind: I now see no utility to them for the vast majority of uses.

Re: PGP/MIME use (was Re: META)
Jerry wrote:

> I totally agree. I have never seen or heard any logical excuse for the
> signing of list traffic.

I almost never sign anything unless I suspect the destination can at
least ignore the signature. The people with whom I send e-mail (a
diminishing population because most have moved to texting on cell
phones, or twitter or Facebook) have no interest in security, though
they sometimes act in a paranoid fashion about eavesdropping. But they
refuse to do anything about it. They cannot deal with MIME signatures
(at least those still using AOL), and cannot ignore them either.
They hate the inline signatures too. When I do sign, it is just to draw
attention to the fact I have a public key and can accept signed and
encrypted e-mail. And so far, other than complaints about extraneous
text in my emails, that is about it. I really get no use from it.

So signing to this list, and an occasional test that my stuff is still
working is the only use I get from gnupg and enigmail. The stuff I would
really prefer to send encrypted I cannot send that way because those to
whom I would send it could not read it (they have no software and no
public keys). And if they could, they would probably save it in clear
text somewhere, forward it, or whatnot.

I think PGP and gnupg are really great ideas, whose time has not yet
come. And by the time people realize its usefulness, the snooping
community will have made it impossible to use it anymore. People sending
encrypted e-mail will be disappeared. The time for that has not yet
come. I hope it is postponed until after I can no longer use a computer.

--
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key: 9A2FC99A Registered Machine 241939.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 13:45:01 up 20 days, 21:11, 3 users, load average: 4.78, 4.89, 4.99

Re: PGP/MIME use (was Re: META)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Remco Rijnders wrote:

> I appreciate signed mails on this list (and any other lists). Most
> problems these days on the internet are, in my opinion, related to
> people being completely anonymous. If you stand behind your words,
> show so by signing your posts.
>
OK. I stand behind this post. But other than amusing myself, does it
really make any difference?


- --
.~. Jean-David Beyer Registered Linux User 85642.
/V\ PGP-Key: 9A2FC99A Registered Machine 241939.
/( )\ Shrewsbury, New Jersey http://counter.li.org
^^-^^ 14:05:01 up 20 days, 21:31, 3 users, load average: 4.52, 4.76, 4.84
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org/

iD8DBQFPKDwqPtu2XpovyZoRAlfyAJ4k3TxXHBy8hSHorl6xowjoUl9vrwCbBuUr
ZU51SVdnmQg12VS77wVOpcc=
=7Cba
-----END PGP SIGNATURE-----

Re: PGP/MIME use
On Tuesday, 31 January 2012, 19:46:05, Robert J. Hansen wrote:

> Enigmail isn't. Assume we
> have 50,000 installations. (This sounds like a lot, but it's a pale
> shadow compared to GnuPG installations.)

Do you mean "hidden" installations (used unnoticed by a distribution's
update tool in the background) or actively planned installations ("I need
GnuPG.")?

It is hard for me to believe that a serious user of GnuPG does not use it for
email. I use it at work for administration purposes (so without email) but for
most people I know it's the other way round: They use it for email only.

I admit that I do not use Thunderbird, but is its share among GnuPG users so
much smaller than among all users altogether?


> I now see no utility to them for the vast majority of uses.

But you admit that this depends on the current situation (described by: hardly
anyone uses it)?

I hope that the law will oblige big companies in the near future to sign their
emails and offer encryption at no additional cost. Then most normal users will
encounter cryptography regularly and thus the number of people who use it
should increase a lot.


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
Re: PGP/MIME use
> From: "Robert J. Hansen" <rjh@sixdemonbag.org>
> To: gnupg-users@gnupg.org
> Cc:
> Date: Tue, 31 Jan 2012 13:46:05 -0500
> Subject: Re: PGP/MIME use (was Re: META)
> I now see no utility to them for the vast majority of uses.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

One, albeit rather unimportant, use is to help people with whom
you would like to regularly communicate access and check your
key a bit more easily, especially for people with multiple keys.
Given the fingerprint (often in the e-mail signature), the GPG
key can be downloaded and immediately tested against the GPG
signature. Granted, very little utility, but still greater than
zero 8-).

- --Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78
Comment: Most recent key: Click show in box @ http://is.gd/4xJrs

iL4EAREKAGYFAk8oSc1fGGh0dHA6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbS9wa3Mv
bG9va3VwP29wPWdldCZoYXNoPW9uJmZpbmdlcnByaW50PW9uJnNlYXJjaD0weDBE
NjJCMDE5RjgwRTI5RjkACgkQDWKwGfgOKfm6YAD/XdrMCwcMNPXAML/ybu6fN8im
yMvIfJ4uPW2ekdzC14wA/RVAh0f1Mwpz2okn9uY2sv9E0Be5+ULY5GKLxcRtb0qQ
=DRzx
-----END PGP SIGNATURE-----

----
User:Avraham

pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.wiki@gmail.com>
   Primary key fingerprint: 167C 063F 7981 A1F6 71EC  ABAA 0D62 B019 F80E 29F9

Re: PGP/MIME use (was Re: META)
On Tue, 31 Jan 2012, remco@webconquest.com wrote:

> Most problems these days on the internet are,
> in my opinion, related to people being completely
> anonymous. If you stand behind your words, show
> so by signing your posts.

If the idea is more important than who said it, signing
(in both the non-technical literary sense and the crypto
sense) is extra. After all, not everything is a contest.
Alternatively, if a comment is likely to be seen as a
contest (whether by some person or some Big Brother),
again signing is extra. And in any case there is always
the virtue of modesty.

Re: PGP/MIME use (was Re: META)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Tuesday 31 January 2012 at 6:02:27 PM, in
<mid:4F282CB3.3040106@lists.grepular.com>, gnupg@lists.grepular.com
wrote:


> IMO, if there's one place you should be able to sign
> email, it's the GnuPG users mailing list. It's called
> dogfooding.

OK, but should we *clearsign* our messages to the list?


- --
Best regards

MFPA mailto:expires2012@rocketmail.com

After all is said and done, a lot more will be said than done.
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTyhtUKipC46tDG5pAQrVygP8DzWjMR6H/Qo+FKhUaONQjz8GKiWs5dX4
jBccVhN+1UbVhADvIYcq4Ws1wM0ZmrBFHxxGBvkWvqprV7piwYdv4QCTD3cihqM8
SA0ScsbzFizBoMGf4WRttoUDzsfDlaobkJQuTTFVW3L3gXfxtL2PSB7uv01IGKzI
qBZE5Xw+duI=
=CHkV
-----END PGP SIGNATURE-----


Re: PGP/MIME use
> One, albeit rather unimportant, use is to help people with whom you
> would like to regularly communicate access and check your key a bit
> more easily, especially for people with multiple keys.

Putting a kludge in email headers or an "OpenPGP Key ID: 0xD6B98E10" in
the sigblock seems to be a more efficient method of achieving this end.
Given this is an awful heavyweight way to achieve an end that's just as
correctly achieved via lightweight means, I don't see this as a reason
to sign messages. To add a sigblock, sure. :)
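Avi's use case above (fetching a correspondent's key and checking it against the fingerprint printed in the sigblock) and the reply that a sigblock line suffices for this both rest on one procedure: derive the fingerprint from the key you fetched and compare it with the stated one. The following Python is an added illustration, not code from the list or from GnuPG. It computes the RFC 4880 section 12.2 version 4 fingerprint over a constructed public-key packet (dummy RSA numbers and creation time, not anyone's real key), formats it the way the sigblocks in this thread do, and compares it with a stated fingerprint. It also shows why the comparison has to be made on the full fingerprint rather than on the 8-digit short ID that such sigblock lines usually carry.

```python
"""Check a fetched OpenPGP key against a fingerprint taken from a sigblock.

Added illustration; not code from the thread or from GnuPG. Implements the
version 4 fingerprint of RFC 4880 section 12.2 over a public-key packet
body and compares it with the fingerprint someone publishes in a mail
signature. The RSA numbers below are constructed placeholders, not a key
anyone uses; the procedure is the point.
"""
import hashlib
import hmac
import struct

# Constructed sample key (not real key material): a small odd modulus and e = 65537.
SAMPLE_CREATED = 1233273600          # creation time, seconds since the epoch (made up)
SAMPLE_N = 0xC0FFEE1234567890ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF1
SAMPLE_E = 65537


def mpi(value: int) -> bytes:
    """RFC 4880 3.2 multiprecision integer: 2-byte bit count, then big-endian magnitude."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def v4_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a version 4 RSA public-key packet (RFC 4880 5.5.2):
    version byte, 4-byte creation time, algorithm 1 (RSA), MPIs n and e."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 12.2: SHA-1 over 0x99, the 2-byte body length, and the body. Upper-case hex."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()


def format_fingerprint(fp: str) -> str:
    """Sigblock layout used on this list: groups of four hex digits, extra space after the fifth."""
    groups = [fp[i:i + 4] for i in range(0, 40, 4)]
    return " ".join(groups[:5]) + "  " + " ".join(groups[5:])


def normalize(stated: str) -> str:
    """Strip whitespace, an optional 0x prefix and case so that sigblock styles compare equal."""
    s = "".join(stated.split()).upper()
    return s[2:] if s.startswith("0X") else s


def key_id(fp: str) -> str:
    """64-bit key ID: the low-order 16 hex digits of the fingerprint (RFC 4880 12.2)."""
    return normalize(fp)[-16:]


def short_id(fp: str) -> str:
    """32-bit short ID as printed in 'OpenPGP Key ID: 0x...' sigblock lines: the last 8 digits."""
    return normalize(fp)[-8:]


def fetched_key_matches(stated: str, body: bytes) -> bool:
    """True only if the full 160-bit fingerprint of the fetched key equals the stated one.
    A bare key ID (16 or 8 digits) is rejected: short IDs are too small to identify a key."""
    s = normalize(stated)
    if len(s) != 40:
        return False
    return hmac.compare_digest(s, v4_fingerprint(body))


def demo() -> dict:
    """Walk through the check with the constructed key and with a different (tampered) key."""
    body = v4_public_key_body(SAMPLE_CREATED, SAMPLE_N, SAMPLE_E)
    fp = v4_fingerprint(body)
    sigblock_line = "PGP: " + format_fingerprint(fp)
    tampered = v4_public_key_body(SAMPLE_CREATED, SAMPLE_N + 2, SAMPLE_E)  # some other key
    return {
        "sigblock_line": sigblock_line,
        "key_id": key_id(fp),
        "short_id": short_id(fp),
        "fetched_key_matches": fetched_key_matches(sigblock_line[5:], body),
        "other_key_matches": fetched_key_matches(sigblock_line[5:], tampered),
        "short_id_accepted": fetched_key_matches("0x" + short_id(fp), body),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A fingerprint in the sigblock, as suggested in the reply, gives a reader everything this check needs; a short key ID does not, which is why the comparison above refuses anything shorter than 40 hex digits. The match only tells you that the key you fetched is the one the sender says is theirs; what that is worth is the question the rest of the thread argues about.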

Re: PGP/MIME use
Warning: do not take *any* of the numbers here seriously. They may be
completely divorced from reality. These numbers are like Monopoly money
-- completely fake, but still useful to illuminate important lessons
about the real thing.

This email is also quite long, and I apologize for that. I haven't the
time to make it shorter.

On 1/31/2012 2:25 PM, Hauke Laging wrote:
> Do you mean "hidden" installations (used unnoticed by a
> distribution's update tool in the background) or actively planned
> installations ("I need GnuPG.")?

Either/or. Enigmail's users are a small fraction of GnuPG's no matter
how you slice it.

> It is hard for me to believe that a serious user of GnuPG does not
> use it for email.

This sounds like a No True Scotsman fallacy. If someone uses GnuPG but
not for email, does that disqualify them from being a serious user? Is
your definition of 'serious user' structured in a way as to implicitly
select for email users?

> I admit that I do not use Thunderbird but is its share among GnuPG
> users so much smaller than among all users altogether?

Welcome to the world of Fermi problems, where your answers are as
accurate as your prejudices. How many piano tuners are in Chicago?
Well, there are about five million people in Chicago, an average
household is somewhere between two and four people, maybe one in twenty
has a piano that gets tuned once a year, one piano tuner can do maybe
four in a day and doesn't like to work more than five days a week... uh,
well, there are maybe between 125 and 250 piano tuners. More or less.
Sorta. If our prejudices are accurate then our result will be.

You can estimate GnuPG and Enigmail users in the same way. On average,
each and every Linux installation has GnuPG installed. How many Linux
users are there worldwide? Well, in the United States there are about
300,000,000 people, and probably 200,000,000 use computers on a regular
basis. (Note that I'm not asking how many *computers* are in the United
States, but how many *users*.) Linux might account for half a percent
of mindshare, so ... my prejudice is that there are about a million
GnuPG users in the United States. They might not even know it, but
they're part of the userbase.

Enigmail's 50,000 users is just a slender few percent of GnuPG's user
base. (And believe it or not, this is an apples-to-apples comparison:
all Enigmail users compared to all GnuPG users.)

The knowing-users comparison is different. Essentially all of
Enigmail's users are knowing users. You have to first download
Thunderbird, then download Enigmail. (GnuPG is already on your system.)
You've taken two deliberate steps to put Enigmail on your system: the
odds are very good that you know Enigmail is there and you want the
capability it provides. So of our 50,000 users, probably close to all
of them know they're our users. GnuPG is a little different: of a
million Linux users in the United States, how many of them actually
think about how many times GnuPG is being used behind the scenes to
validate their software downloads and sign packages and whatnot?
Somewhere between one in ten and one in three? So against our 50,000
'knowing' users, GnuPG would still crush us with between 100,000 and
350,000 'knowing' users.

>> I now see no utility to them for the vast majority of uses.
>
> But you admit that this depends on the current situation (described
> by: hardly anyone uses it)?

Of course not.

Even if *everyone* used email crypto, signatures would still be largely,
and maybe entirely, useless.

I don't know where this myth began that messages are somehow trustworthy
because they sport signatures. That's not how the world works.

(Well, I suppose it *can* work, the same way you can choose to blindly
trust anyone who speaks Occitan with a lisp and has a strange
fascination with argyle. However, just as you might think someone who
would trust completely based on such criteria to be foolish, I think
people who believe signatures create trust are just as foolish.)

Signatures extend trust's reach: they can't create it. My friend Raven
used to live just up the highway from me. We regularly got together for
tea. When we were sitting face to face, I trusted the integrity of what
she was saying. Now that she's far away, if/when we need to guarantee
the integrity of our message we use GnuPG to do so. The trust we had in
a face-to-face communication has had its reach extended to cross
thousands of miles. But if she and I hadn't met before, if we didn't
have a shared experience upon which to build trust, then signatures
would be meaningless. The reach of trust has been extended, sure, but
that doesn't help much when there isn't trust.

Let's have another example here. I woke up at about eight in the
morning on 9/11. I was living in California and I was moving that day.
All my belongings had already moved out: I had no television, no radio,
nothing, just myself, a sleeping bag and a laptop. I woke up that
morning, made myself a cup of coffee, studied the maps for the day's
drive out East, and before I walked out to my car I figured I'd check my
email one last time. I had one email from a friend of mine in the UK.
It read exactly:

Your country's at war. All of us are backing you.

The message was not signed. I tried to hit CNN.com, but the site
wouldn't load. Slashdot.org, same. In fact, *all* websites were pretty
much down. I shrugged and figured the ISP must've turned off my account
a little early. I walked outside -- it was a beautiful day, the birds
were singing, clear skies. Nobody was screaming or wailing: it was a
day just like any other.

I shrugged off Roger's message. I figured someone was playing games
with me. I dropped off my housekeys in my landlord's dropbox and began
driving. It wasn't until I was leaving San Jose that I saw a bunch of
flags flying, and between that and Roger's email, well -- I stopped at
my favorite watering hole to check in with the morning crew and see if
they'd heard anything, and that's when I discovered what had happened.

Imagine what would've happened if Roger had sent me that as a *signed*
email. I would've trusted it completely, right? I wouldn't have
dropped off my housekeys, I would've called my landlord and asked for a
few days extension, and not had to deal with the challenges of a
cross-country move during 9/11 and the days immediately after.

Now that you know the history (an unsigned message I disregarded) and
you've imagined one alternate history (a signed message that I would've
heeded), imagine a second alternate history. In this second alternate
history, MFPA sends me a signed message telling me "Your country's at
war, all of us are backing you."

Would I trust that? Of course not. I don't know MFPA. He's never
bought me a beer. We have no shared context of trust, so there's no way
for a signature to extend the reach of that nonexistent trust. The
signature on the message means exactly nothing.

The best MFPA could hope for would be to say, "Your country's at war,
all of us are backing you, nytimes.com is still up and responsive, check
there for details" -- but even then I'm not trusting MFPA. He's giving
me a way to independently verify his claim, which is pretty much the
polar opposite of asking me to take things on trust.

Finally, one last thought experiment:

During my time percolating through graduate school I used a coffeeshop
across the street from my building as my office. (My official office
was literally a converted janitor's closet that now housed five TAs.)
One semester I had to bounce a large number of students on academic
honesty violations: some of them were extremely upset. My nightmare
scenario then involved one of them visiting the coffeeshop at the same
time as me and posting incredibly offensive things on University forums
using my name. It would be easy to do and *very* hard to fight: after
all, the IP address would track back to the same coffeeshop I
frequented, and the timestamps would correlate to the time I was in there.

For a while I considered signing everything, so I could then deny making
those posts. "I didn't write that! I sign everything! That has a
bad/missing signature!"

And then I imagined my dean answering, "That proves nothing: after all,
if I was posting this stuff I wouldn't sign it, either."

... Anyway.

I apologize again for the length of this post. Too long by half, I know.

The takeaway here is:

* Signatures extend the reach of trust, they don't
create new trust
* Unless there's a pre-existing trust relationship
signatures mean either nothing or so close to it
I can't tell the difference
* Signatures on mailing lists are mostly (and maybe
entirely) useless because of how few members have
pre-existing trust relationships with others
* Don't ask people to trust what you say: give them
a way to independently verify what you say and
you can skip the headache of trying to establish
trust

Hope these thoughts help. Thanks for reading.

Re: PGP/MIME use
On Tue, 31 Jan 2012 19:04:57 -0500
Robert J. Hansen articulated:

> And then I imagined my dean answering, "That proves nothing: after
> all, if I was posting this stuff I wouldn't sign it, either."

Don't apologize, I loved your post. One of the better ones I have read
in a while. It appears that your Dean was a sharp individual.

Your analogy is interesting too. In the '50s in the USA, there was a
movement to require individuals to take a "loyalty oath". It was at the
height of the McCarthy era. The theory was that it would root out
communists. Finally, it dawned upon these intellectually challenged jerks
that a real communist would have no problem taking such an oath since
it would be to their advantage to do so. Sometimes you just have to
shout, WTF.

--
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________
What if there had been room at the inn?
Linda Festa on the origins of Christianity
Re: PGP/MIME use (was Re: META)
On Tue, Jan 31, 2012 at 02:08:26PM -0500, Jean-David wrote in
<4F283C2A.6070102@verizon.net>:
>Remco Rijnders wrote:
>
>> I appreciate signed mails on this list (and any other lists). Most
>> problems these days on the internet are, in my opinion, related to
>> people being completely anonymous. If you stand behind your words,
>> show so by signing your posts.
>>
>OK. I stand behind this post. But other than amusing myself, does it
>really make any difference?

To me it does some. Knowing that you are really Jean-David Beyer and
that it probably is not a made-up name makes it far more likely that
you'll consider your words before posting them online, and also less
likely that you'd be trolling just for the fun of it.

Please note that I am not in any way suggesting you'd be trolling otherwise,
but a properly signed post for which a trust path from my key to yours
exists does make a difference to me. A small one perhaps and you might not
find it worth signing your posts for my convenience / peace of mind, but
if you do sign it, I do appreciate it :-)
Re: PGP/MIME use
On Wednesday, 1 February 2012, 01:04:57, Robert J. Hansen wrote:

> > It is hard for me to believe that a serious user of GnuPG does not
> > use it for email.
>
> This sounds like a No True Scotsman fallacy. If someone uses GnuPG but
> not for email, does that disqualify them from being a serious user?

Of course not. I just don't believe that there are many examples of this type
out there. To me a serious user is one who actively signs, encrypts, and/or
verifies data and knows what he is doing. He has created a key and verified at
least one. Everything else seems like special use to me.


> Linux might account for half a percent
> of mindshare, so ... my prejudice is that there are about a million
> GnuPG users in the United States. They might not even know it, but
> they're part of the userbase.

That's not what I would call a serious user. Counting that way some big
distributors would just have to add Enigmail to their (graphical) default
installation and to you the number of Enigmail "users" would get boosted by a
factor of 100 without any real change.


> (GnuPG is already on your system.)

That's not true for a certain quite popular OS. How many Windows users install
GnuPG without Enigmail? Given the huge difference in Linux and Windows users
this affects the calculation a lot.


> GnuPG would still crush us with between 100,000 and
> 350,000 'knowing' users.

Knowing is not the point to me.


> That's not how the world works.

> if/when we need to guarantee the integrity of our message

The world (at least the part I am familiar with) relies (implicitly) even
more on the integrity of a message than on trust. If you get important
information, a question or an order and have doubts about the integrity of the
message then you will do some checks, no matter how much you trust. Of course,
doubts are much lower today than they should be. That's how a part of online
crime works.

On the other hand, proof of the integrity of a message is often enough even
if you do not know the person. Quite often people have to make manual
signatures without being known to the person who demands them. Often the
content is less important than the possibility to hold someone responsible for
it.

Another point: I get most of my (both private and professional) emails from
people I know.


> The reach of trust has been extended, sure, but
> that doesn't help much when there isn't trust.

Right. I would put it this way:
A signature cannot raise the trust in a message content above the trust in the
sender / signer. But a missing signature can (and usually will) lower the
trust in the message content below the trust in the (non-proven) sender.


> Imagine what would've happened if Roger had sent me that as a *signed*
> email.

> In this second alternate history, MFPA sends me a signed message

And which of these scenarios is more probable? Who will after starting to sign
emails start to send emails to people he is not familiar with? The first
scenario is an improvement for you, the second does not make a difference
(except for some wasted bandwidth). Leaving out the cost it would not make
sense to do without signatures.


> time as me and posting incredibly offensive things on University forums
> using my name.

> For a while I considered signing everything,

Which is BTW not so easy. Many people use webmail. And there are reasons for
not importing private keys onto work PCs. I am often too lazy to plug in the
smartcard reader. But in the signature I apologize for not signing the mail.
;-) And if the content was important I would use the smartcard, of course.


> so I could then deny making
> those posts. "I didn't write that! I sign everything! That has a
> bad/missing signature!"

You probably wouldn't even have to because everyone who is in regular contact
with you would know that. On the other hand: Signing in a web forum seems kind
of extreme (and unsafe with respect to breaking the signature by automatic
text formatting). :-)


> And then I imagined my dean answering, "That proves nothing: after all,
> if I was posting this stuff I wouldn't sign it, either."

Would not make much sense to use the name but not sign it, though.


> * Signatures on mailing lists are mostly (and maybe
> entirely) useless because of how few members have
> pre-existing trust relationships with others

The ability to hold someone responsible for his messages (which usually
requires a signature but a signature is not enough to ensure that) is not the
same as trust but an important point, too.


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
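Hauke's remark above about automatic text formatting breaking an inline (clearsigned) signature comes down to the cleartext signature rules of RFC 4880 section 7.1. The following is an added Python illustration, not code from this thread or from GnuPG: it parses a clearsigned message, rebuilds the canonical bytes the signature hash covers, and shows which edits survive (trailing whitespace, dash-escaping) and which do not (re-wrapping). The message bodies and the signature block are constructed placeholders, and it does not verify a signature, which needs the signer's public key.

```python
"""RFC 4880 section 7.1 cleartext signature canonicalization.

Added illustration for the gnupg-users thread, not code from GnuPG or
from any poster. It does not verify a signature (that needs the signer's
public key and an OpenPGP implementation); it only rebuilds the bytes
the cleartext signature's hash is computed over.
"""
import hashlib

BEGIN_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"


def parse_clearsigned(message):
    """Return (hash_name, text_lines, signature_block) of a clearsigned message."""
    lines = message.splitlines()
    try:
        start = lines.index(BEGIN_SIGNED)
        sig_start = lines.index(BEGIN_SIG, start)
        sig_end = lines.index(END_SIG, sig_start)
    except ValueError as exc:
        raise ValueError("not a clearsigned message") from exc
    # Armor headers such as "Hash: SHA512" follow the BEGIN line; the
    # signed text begins after the first blank line.
    hash_name = None
    i = start + 1
    while i < sig_start and lines[i] != "":
        if lines[i].startswith("Hash:"):
            hash_name = lines[i].split(":", 1)[1].strip()
        i += 1
    text_lines = lines[i + 1:sig_start]
    signature_block = "\n".join(lines[sig_start:sig_end + 1])
    return hash_name, text_lines, signature_block


def canonical_bytes(text_lines):
    """Bytes covered by the signature hash, per RFC 4880 7.1:
    dash-escaping ("- ") removed, trailing spaces and tabs stripped,
    CRLF line endings, and no line ending after the last line."""
    out = []
    for line in text_lines:
        if line.startswith("- "):
            line = line[2:]
        out.append(line.rstrip(" \t"))
    return "\r\n".join(out).encode("utf-8")


def canonical_digest(message):
    """Hex digest a verifier would compare against the signature's hash."""
    hash_name, text_lines, _ = parse_clearsigned(message)
    algo = (hash_name or "SHA1").lower().replace("-", "")  # "SHA512" -> "sha512"
    return hashlib.new(algo, canonical_bytes(text_lines)).hexdigest()


def same_signed_text(message_a, message_b):
    """True when an edit to the body leaves the hashed bytes unchanged,
    i.e. the original signature would still verify."""
    return canonical_digest(message_a) == canonical_digest(message_b)


# Constructed samples. The signature block is a placeholder, not real armor.
PLACEHOLDER_SIG = "\n".join([BEGIN_SIG, "", "PLACEHOLDER-NOT-A-REAL-SIGNATURE",
                             "=XXXX", END_SIG])


def clearsigned(body):
    """Wrap a body the way a clearsigning MUA does, announcing SHA512."""
    return "\n".join([BEGIN_SIGNED, "Hash: SHA512", "", body, PLACEHOLDER_SIG])


# "- --" is the dash-escaped form of the "--" signature delimiter.
ORIGINAL = clearsigned("Seems likely to me that the majority of Windows\n"
                       "users use neither S/MIME nor openPGP.\n\n- --\nMFPA")
# A list server or forum that pads lines with spaces/tabs: still verifies.
TRAILING_WS = clearsigned("Seems likely to me that the majority of Windows   \n"
                          "users use neither S/MIME nor openPGP.\t\n\n- --\nMFPA")
# A forum that re-wraps paragraphs: the hashed bytes change, signature breaks.
REWRAPPED = clearsigned("Seems likely to me that the majority of Windows users\n"
                        "use neither S/MIME nor openPGP.\n\n- --\nMFPA")

if __name__ == "__main__":
    print("trailing whitespace survives:", same_signed_text(ORIGINAL, TRAILING_WS))
    print("re-wrapping survives:        ", same_signed_text(ORIGINAL, REWRAPPED))
```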
Re: PGP/MIME use [ In reply to ]
On 2/1/12 10:47 AM, Hauke Laging wrote:
> Of course not. I just don't believe that there are many examples of
> this type out there. To me a serious user is one who actively signs,
> encrypts, and/or verifies data and knows what he is doing. He has
> created a key and verified at least one. Everything else seems like
> special use to me.

Then yes, you are selecting for email users. There are quite a lot of
people who use GnuPG primarily for themselves -- for instance, a system
administrator who signs each backup, a lawyer who encrypts files when in
transit on a flash drive, etc.

The overwhelming majority of the users you see are using email, yes, but
only because email is the method by which you come to see them. Users
who never announce their usage (the system administrator, the lawyer,
etc.) are completely invisible to you.

I can't give an estimate on the number of 'invisible' users: they're
invisible to me, too. But I'm not going to believe they don't exist, or
that they don't exist in good numbers.

> That's not what I would call a serious user.

A 'serious user' is, to me, someone who will send angry emails if things
break. If a program can fail and not have an immediate adverse effect
on a user, the program is not important to the user and the user can be
said to not be a "serious user."

If GnuPG breaks, a whole lot of the Linux experience breaks. You get
warnings left and right about installing packages with bad signatures,
important updates don't happen, etc. This will result in a lot of angry
people strangling whoever is responsible for breaking their PC.

Yes, this definition means that you're a serious user of your OS kernel.
And why wouldn't you be? You demand your PC make thousands of kernel
calls each second. Is that not serious use?

> Counting that way some big distributors would just have to add
> Enigmail to their (graphical) default installation and to you the
> numer of Enigmail "users" would get boosted by a factor of 100
> without any real change.

Think about what you're saying:

(a) a major distro would have to ditch their email client for
Thunderbird
(b) a user would have to download and install Enigmail, since
it's not a standard part of Thunderbird

Ubuntu will be switching to Thunderbird in 12.04, apparently, so that
takes care of (a). I doubt we will see a huge surge in Enigmail users
as a result, though, since (b) is unchanged.

As soon as both Thunderbird *and* Enigmail are part of a standard Linux
installation, let me know. I'd love to know about it. Until then, I
think Enigmail is going to remain a niche player.

>> (GnuPG is already on your system.)
>
> That's not true for a certain quite popular OS.

Quite in context, please. In context, that sentence obviously referred
to Linux users. Quoting people out-of-context to score points is a pet
peeve of mine.

>> GnuPG would still crush us with between 100,000 and 350,000
>> 'knowing' users.
>
> Knowing is not the point to me.

Well, clearly the install base isn't the point, you've already said
those aren't what you'd call 'serious users'. And if users who know of,
are aware of, who pay attention to, how GnuPG works behind the scenes
aren't relevant to you, then what is? Each benchmark I use to represent
a class of users, you reject as being not what you're talking about, so
please tell me precisely what you *are* talking about.

> And which of these scenarios is more probable? Who will after
> starting to sign emails start to send emails to people he is not
> familiar with?

Quite a lot, apparently. There are a whole lot of people on this
mailing list. I'm sending a message to all of them, including people I
don't even know.

Your question: "Who will after starting to sign emails start to send
emails to people he is not familiar with?"

The answer is Facebook. Google+. eHarmony. Match.com. JDate.
Bear411. ChristianSingles.com. The list goes on and on and on. (Note:
my mention of any service is not an endorsement. If so, I'd be a weird
mess of contradictions: a nice Jewish boy who happens to be a
Pentecostal bear...)

People love to talk and to meet new people. You can't stop people from
talking to each other. It's part of the human experience. Something
about creating social connections tickles something deep in our brains.
It's like a drug. It's so much part of the human experience that we do
it even when it's risky and dangerous, and for those who *don't* love to
talk and meet new people we hang words like "misanthrope" or "hermit"
off them -- words with powerful connotations of psychological dysfunction.

> You probably wouldn't even have to because everyone who is in regular
> contact with you would know that.

Yes, but that's completely irrelevant. I don't mean to be callous, but
you've missed a very important point.

The people who would be complaining about my conduct would be people who
don't know me from the wind. *They're* the ones who would have to be
persuaded I was on the up-and-up. Persuading them would be an uphill
road to hoe.

What would the Dean say to them? "I've known Rob for three years and
he's never once expressed any sentiments like this?" They'd point out
that yes, I've never expressed sentiments like that openly around the
Dean because those opinions are so offensive they'd get me canned.

Best case scenario, the aggrieved parties would demand the Dean make a
full investigation. The Dean would know there would be no investigation
that could either clear me or condemn me: there's simply not enough
evidence to draw conclusions either way. The Dean would know that I was
on the up and up, but since trust isn't transitive, he couldn't convince
the concerned college community I was on the up and up.

So the Dean would quietly relieve me of teaching duties, give me a
research job in some office somewhere that I didn't have to interact
with anyone, keep me out of public view, and he'd tell the affected
people "the investigation is underway, and until it's resolved we've
relieved him of teaching duties." Then in a semester or two I'd be
quietly reinstated as a TA.

Welcome to politics. That's how it works.

>> And then I imagined my dean answering, "That proves nothing: after
>> all, if I was posting this stuff I wouldn't sign it, either."
>
> Would not make much sense to use the name but not sign it, though.

Sure it would. Deniability.

Re: PGP/MIME use [ In reply to ]
On Wed, 1 Feb 2012 16:47, mailinglisten@hauke-laging.de said:

> That's not true for a certain quite popular OS. How many Windows users install
> GnuPG without Enigmail? Given the huge difference in Linux and Windows users
> this affects the calculation a lot.

A quick data point. From March to May, after the release of Gpg4win
2.1, we had an average of more than 600 downloads per day from the
primary server. That is more than 50000 in 3 months. In June we even
reached 800 per days. Unfortunately I don't have any newer numbers
available.

And there are also the users of gnupg 1.4 - I don't run statistics on
ftp.gnupg.org, thus I can't tell you any numbers.


Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.


Re: PGP/MIME use [ In reply to ]
On 01/02/12 16:19, Robert J. Hansen wrote:

> As soon as both Thunderbird *and* Enigmail are part of a standard Linux
> installation, let me know. I'd love to know about it. Until then, I
> think Enigmail is going to remain a niche player.

Has there been a concerted effort to make Enigmail an integral part of
Thunderbird, distributed with it? If yes, what are the reasons that it
has been rejected so far? If no, why not?

--
Mike Cardwell https://grepular.com/ http://cardwellit.com/
OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
Re: PGP/MIME use [ In reply to ]
On Wed, 1 Feb 2012 17:40, gnupg@lists.grepular.com said:

> Has there been a concerted effort to make Enigmail an integral part of
> Thunderbird, distributed with it? If yes, what are the reasons that it
> has been rejected so far? If no, why not?

The Mozillas don't like OpenPGP. To them it is probably too much
anarchy compared to S/SMIME. Ask the Mammon.


Shalom-Salam,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.


Re: PGP/MIME use [ In reply to ]
On Wed, 01 Feb 2012 17:55:05 +0100
Werner Koch articulated:

> The Mozillas don't like OpenPGP. To them it is probably too much
> anarchy compared to S/SMIME. Ask the Mammon.

Windows users prefer S/MIME. I know I use it on my Windows machines
because it does not require me to install more applications. It works
seamlessly in Outlook, which is probably its biggest asset. Perhaps the
Mozilla folks, realizing that Microsoft users are probably its largest
base audience prefer to stick with what its main constituency want. Just
a guess and my own 2¢.

--
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________


Re: PGP/MIME use [ In reply to ]
On Wed, 1 Feb 2012 18:19, jerry@seibercom.net said:

> Windows users prefer S/MIME. I know I use it on my Windows machines
> because it does not require me to install more applications. It works

But users need to pay their Internet tax to Verislime et al. Or, tinker
with CAcert root certificates.


Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.


Re: PGP/MIME use [ In reply to ]
On 2/1/12 11:40 AM, gnupg@lists.grepular.com wrote:
> Has there been a concerted effort to make Enigmail an integral part
> of Thunderbird, distributed with it?

I don't know what you mean by a "concerted effort." Maybe five Enigmail
users count under your definition, maybe fifty: maybe two people within
Mozilla, or maybe nobody has to be within Mozilla, etc. All I can say
is that at various times people have tried to push for this, but so far
without success. There seem to be two major reasons for this:

* S/MIME is already irrelevant to the vast majority of
Thunderbird users, and providing OpenPGP would just
introduce a redundant irrelevant capability

* Enigmail requires a binary that's not maintained by
Mozilla, which is released on its own schedule, and
is licensed under terms other than those Mozilla
prefers


Re: PGP/MIME use [ In reply to ]
gnupg-users-bounces@gnupg.org wrote on 02/01/2012 10:51:46 AM:
> ----- Message from "Robert J. Hansen" <rjh@sixdemonbag.org> on Wed,
> 01 Feb 2012 11:19:08 -0500 -----
> On 2/1/12 10:47 AM, Hauke Laging wrote:
> > Of course not. I just don't believe that there are many examples of
> > this type out there. To me a serious user is one who actively signs,
> > encrypts, and/or verifies data and knows what he is doing. He has
> > created a key and verified at least one. Everything else seems like
> > special use to me.
>
> Then yes, you are selecting for email users. There are quite a lot of
> people who use GnuPG primarily for themselves -- for instance, a system
> administrator who signs each backup, a lawyer who encrypts files when in
> transit on a flash drive, etc.
>
> The overwhelming majority of the users you see are using email, yes, but
> only because email is the method by which you come to see them. Users
> who never announce their usage (the system administrator, the lawyer,
> etc.) are completely invisible to you.
>

I would be one who fits in the other case. I've never signed an
e-mail--no one at our organization does. (Not that I wouldn't like to,
but nearly all those with whom I communicate wouldn't have any use for nor
comprehension of the signature.) However, I've written scripts to
routinely sign files for transmission to our bank. I would definitely
count us as serious users. We would be very upset if the bank started
rejecting transmissions due to the lack of a valid signature. Seeing that
our bank is a very large one, I'm sure there are plenty of others who also
sign their business transmissions using GPG.

Michael
Re: PGP/MIME use [ In reply to ]
On Wed, 1 Feb 2012 13:37:56 -0500
MichaelQuigley@TheWay.Org articulated:

> However, I've written scripts to
> routinely sign files for transmission to our bank.

Does your bank actually verify those signed documents? I have sent
documents to various organizations, both signed and unsigned and never
heard a word spoken from any of them regarding it.

--
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________


Re: PGP/MIME use [ In reply to ]
On 2/1/12 2:23 PM, Jerry wrote:
> Does your bank actually verify those signed documents?

I can't vouch for financial institutions. I can tell you that when I
was working in electronic voting, whenever I asked questions about "do
you verify signatures?" I was always assured that yes, yes they did.
Whenever I asked, "when was the last time you had a bad signature?" I
always received an answer of either "gee, look at the time, gotta go,"
or "we've never had a bad signature on data from a real election, after
all, our systems are reliable and trustworthy."

From the perspective of the voting authority, if they say "no we don't
check signatures" it undercuts confidence, therefore they always say
they check signatures. If they say "yeah, we had a bad sig last week, a
byte got dropped somewhere, we re-sent the data and it was fine," that,
too, undercuts confidence: they're admitting the system isn't perfect.

I liked hearing the "Gee, look at the time, gotta go" answer. It seemed
to be the most honest.

YMMV, and banks are definitely different beasts from voting authorities.

Re: PGP/MIME use [ In reply to ]
On Wed, 01 Feb 2012 14:40:23 -0500
Robert J. Hansen articulated:

> I liked hearing the "Gee, look at the time, gotta go" answer. It
> seemed to be the most honest.
>
> YMMV, and banks are definitely different beasts from voting
> authorities.

I used to get the "Gee" bit too when I asked for a raise. Anyhow, I am
willing to bet that most, if not all banking establishments do not
verify signed mail, or if they do they want S/MIME since their user
base is vastly Microsoft orientated and S/MIME is favored on that
architecture.

An unverified signed document is about as useful as tits on a bull. I
receive from time to time a signed document on various forums that is
shown as bad by my MUA (claws-mail). Usually, it is just out of date.
Occasionally, I get a revoked one though. Again, it is usually due to
the PEBKC phenomenon. In any case, I have never considered the
signature to be of any importance in a mail forum environment. I know
that some users do, and that is their right. The only problem I have
is with those friggin "inliners" whose signature Spams up the page and
makes a "sig-delimiter" impotent. Then, of course, there are
those intellectually challenged who fail to trim out that superfluous
crap before replying to it.

--
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

Re: PGP/MIME use [ In reply to ]
On Wednesday, 1 February 2012, 19:37:56, MichaelQuigley@theway.org wrote:

> I would be one who fits in the other case. I've never signed an
> e-mail--no one at our organization does. (Not that I wouldn't like to,
> but nearly all those with whom I communicate wouldn't have any use for nor
> comprehension of the signature.) However, I've written scripts to
> routinely sign files for transmission to our bank. I would definitely
> count us as serious users.

And you perfectly fit the description I gave for "serious users" from my
perspective.


> I'm sure there are plenty of others who also
> sign their business transmissions using GPG.

I don't doubt that. I just don't understand why someone who has understood the
concept and is capable of validating keys of others, encrypting, decrypting
and signing should not use that technology for his email (neither professional
nor private). The people I know who are interested in security technology are
generally interested in spreading this technology (not limited to OpenPGP).

Thus I assume that you are an exception, whatever your reasons may be.


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
Re: PGP/MIME use [ In reply to ]
Hi


On Wednesday 1 February 2012 at 5:19:41 PM, in
<mid:20120201121941.5e100a23@scorpio>, Jerry wrote:


> Windows users prefer S/MIME.

Seems likely to me that the majority of Windows users use neither
S/MIME nor openPGP.

--
Best regards

MFPA mailto:expires2012@rocketmail.com

Never lean forward to push an invisible object.
Re: PGP/MIME use [ In reply to ]
On 2/1/12 4:14 PM, Hauke Laging wrote:
> I just don't understand why someone who has understood the
> concept and is capable of validating keys of others, encrypting, decrypting
> and signing should not use that technology for his email.

I have referred to this paper probably five times or more on this list
and other lists. I really wish people would read it. I'm getting tired
of answering this -- it's my least-favorite OpenPGP-related question.

Shirley Gaw, Edward W. Felten, Patricia Fernandez-Kelly. Secrecy,
Flagging and Paranoia: Adoption Criteria in Encrypted Email.
Proceedings of CHI 2006 Conference on Human Factors in Computing
Systems, 2006.

http://www.cs.princeton.edu/~sgaw/publications/01Feb-Activists-sgaw-CHI2006.pdf

Re: PGP/MIME use [ In reply to ]
On 2/1/2012 04:35 PM, MFPA wrote:
> Seems likely to me that the majority of Windows users use neither
> S/MIME nor openPGP.

This is an assumption. I, personally, have a dual-boot system with a GNU/Linux
OS and Windows 7. Ever since I discovered GnuPG and the OpenPGP standard, I
have used them on both systems. I cannot, however, speak for the "majority" of
Windows users, as I share the same assumption, though my support is the fallacy
of leaning on personal experience.

Regards,
Christopher J. Walters
Re: PGP/MIME use [ In reply to ]
gnupg-users-bounces@gnupg.org wrote on 02/01/2012 01:58:45 PM:
> ----- Message from Jerry <jerry@seibercom.net> on Wed, 1 Feb 2012
> 14:23:31 -0500 -----
> On Wed, 1 Feb 2012 13:37:56 -0500
> MichaelQuigley@TheWay.Org articulated:
>
> > However, I've written scripts to
> > routinely sign files for transmission to our bank.
>
> Does your bank actually verify those signed documents? I have sent
> documents to various organizations, both signed and unsigned and never
> heard a word spoken from any of them regarding it.

Yes they verify the signature on the file. In fact, I spent quite a bit
of time working with them to get the signature to successfully verify. (It
finally turned out that they did not want clearsign, but I had been
specifically told to use both clearsign and armour.) I'm quite confident
they are verifying the signature on all files transmitted via the platform
we're using.
Re: PGP/MIME use [ In reply to ]
On Wed, 1 Feb 2012 21:35:21 +0000
MFPA articulated:

> Seems likely to me that the majority of Windows users use neither
> S/MIME nor openPGP.

Which would equate to the majority of non-Windows users. However, of
those users on MS Windows that do use a form of document signing, I
believe that majority employ S/MIME, if for no other reason than it
works seamlessly in MS Outlook. As I stated elsewhere, I use S/MIME on
my MS Windows machines because it is just easier to do. I really,
really like the KISS principle. For that very reason, on my FreeBSD
based machines, I employ PGP. I see no problem with it and both work
quite well. Others are certainly entitled to their own opinion.

--
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________


Re: PGP/MIME use [ In reply to ]
On 2/1/2012 04:38 PM, Robert J. Hansen wrote:
> I have referred to this paper probably five times or more on this list
> and other lists. I really wish people would read it. I'm getting tired
> of answering this -- it's my least-favorite OpenPGP-related question.
>
> Shirley Gaw, Edward W. Felten, Patricia Fernandez-Kelly. Secrecy,
> Flagging and Paranoia: Adoption Criteria in Encrypted Email. Proceedings
> of CHI 2006 Conference on Human Factors in Computing Systems, 2006.
>
> www.cs.princeton.edu/~sgaw/publications/01Feb-Activists-sgaw-CHI2006.pdf


I have read the abstract, and admit that I only skimmed the rest of that
paper. I find that it is only really talking about the use of public key
encryption of messages, and the human factors that lead to the decision of
whether or not to encrypt messages.

That is a separate topic from actually signing your message with your secret
key - and is not terribly germane to public mailing lists. Since the list
owner would have to deem it worth the trouble to generate a key pair for the
list AND collect the public keys of each subscriber, and use software that
will be able to decrypt messages sent to the list, and re-encrypt them to
each subscriber. This would not significantly improve security in such a
forum, and would increase the load on the system that processes mail for the
list.

To clarify, by "public mailing list", I mean that anyone can join it and post
to it. A private mailing list, in this context, would be an
"invite-only" list, where one would have to be known to the list owner and
specifically invited to join.

Signing, OTOH is a personal choice of each subscriber. Those who choose to
do so can do so, and those who do not choose to do so, do not.

Regards,
Christopher J. Walters
Re: PGP/MIME use [ In reply to ]
On 2/1/12 5:02 PM, Christopher J. Walters wrote:
> I have read the abstract, and admit that I only skimmed the rest of
> that paper. I find that it is only really talking about the use of
> public key encryption of messages, and the human factors that lead
> to the decision of whether or not to encrypt messages.

Read the paper.

One of the principal reasons the NGO in the study avoided using crypto
was because they were concerned about appearing to outsiders as if
they were paranoids with something to hide.

Why do you want to sign everything? Because you want to detect if
someone's tampered with your messages. What are you, some kind of
paranoid who's worried about people screwing with your email?

Seriously. Read the paper. It's worthwhile.

Re: PGP/MIME use [ In reply to ]
Hi


On Wednesday 1 February 2012 at 9:14:33 PM, in
<mid:201202012214.38430.mailinglisten@hauke-laging.de>, Hauke Laging
wrote:


> I just don't understand why someone
> who has understood the concept and is capable of
> validating keys of others, encrypting, decrypting and
> signing should not use that technology for his email
> (neither professional nor private).


There are plenty of things people don't bother doing, despite
understanding, knowledge, and capability. Why should this be
different?



--
Best regards

MFPA mailto:expires2012@rocketmail.com

A closed mouth gathers no foot
Re: PGP/MIME use [ In reply to ]
On Wednesday, 1 February 2012, 23:19:43, MFPA wrote:

> > I just don't understand why someone
> > who has understood the concept and is capable of
> > validating keys of others, encrypting, decrypting and
> > signing should not use that technology for his email
> > (neither professional nor private).
>
> There are plenty of things people don't bother doing, despite
> understanding, knowledge, and capability. Why should this be
> different?

I give training courses about cryptography in a German party and am involved
in the discussion whether and how we should use it in our administration. Thus
I have some experience with (mostly) "normal" people (no IT geeks). My
experience is that

a) most people don't care at all (which probably everyone here can confirm...)

b) the other ones say that it's a useful technology but they do not use it due
to either their software not supporting it or (more important) their personal
lack of knowledge

c) I have never encountered someone saying something like "I know how it
works, I use it for software distribution and backups but I have never used it
for email".

The probable main difference to your "plenty of things" is that this is
considered useful (for email!) by many people (many more than capable of using
it). Thus it seems quite improbable to me that among those few who are capable
of using it there are many who do not find it useful (for email).


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
Re: PGP/MIME use [ In reply to ]
On Wednesday, 1 February 2012, 17:19:08, Robert J. Hansen wrote:
> On 2/1/12 10:47 AM, Hauke Laging wrote:
> > Of course not. I just don't believe that there are many examples of
> > this type out there. To me a serious user is one who actively signs,
> > encrypts, and/or verifies data and knows what he is doing. He has
> > created a key and verified at least one. Everything else seems like
> > special use to me.
>
> Then yes, you are selecting for email users. There are quite a lot of
> people who use GnuPG primarily for themselves -- for instance, a system
> administrator who signs each backup, a lawyer who encrypts files when in
> transit on a flash drive, etc.

My description does not select for email users only but also covers your
examples. We are not talking about "primarily" but about "only".


> Yes, this definition means that you're a serious user of your OS kernel.
> And why wouldn't you be? You demand your PC make thousands of kernel
> calls each second. Is that not serious use?

Depends on what you are thinking about. Of course, it is interesting to know
how many kernels are out there. But it is also interesting and deserves being
looked at separately how many people have an "active", "planned" interaction
with their kernel. Something like compiling it themselves, compiling modules
for it, deactivating or configuring modules, configuring the kernel via
command line parameters, saving an old kernel version as fallback.


> >> (GnuPG is already on your system.)
> >
> > That's not true for a certain quite popular OS.
>
> Quite in context, please. In context, that sentence obviously referred
> to Linux users. Quoting people out-of-context to score points is a pet
> peeve of mine.

I apologize if anyone had the impression that I used your quote wrongly (but
why should I?). The point is that you said nothing about Windows which due to
its market share cannot be ignored. And that has no relation to the context of
your quote.


> And if users who know of,
> are aware of, who pay attention to, how GnuPG works behind the scenes
> aren't relevant to you, then what is?

I do not see how relevance could be bound to knowing what happens if this has
no influence to what happens at all. Users who need a software (whether they
know that or not) are relevant to me, too. But those users are relevant for
GnuPG's verification feature only because they never use anything else.

To me it's important for the assessment of a user whether or not he causes any
data in the world to be changed (because he signs something, encrypts
something, something is encrypted for him). One group makes just a quantity
difference to IT, the other one a quality difference.

The reason why most people do not use Enigmail (or something similar) is *not*
the installation of GnuPG. You can easily install GnuPG without any clue how
to use it. The main reasons are the lack of felt need (whether those people on
average feel a need for update rpm signature checks?) and the lack of
knowledge. Thus only comparing the GnuPG users with knowledge to the Enigmail
users makes sense to me.


> Each benchmark I use to represent
> a class of users, you reject as being not what you're talking about, so
> please tell me precisely what you *are* talking about.

I already did so:
> > This sounds like a No True Scotsman fallacy. If someone uses GnuPG but
> > not for email, does that disqualify them from being a serious user?
>
> [...] To me a serious user is one who actively signs, encrypts,
> and/or verifies data and knows what he is doing. He has created a key and
> verified at least one. Everything else seems like special use to me.

However, we are not discussing something important. You said that Enigmail
users were just a small share of GnuPG users. This share depends on the part
of GnuPG users considered. Obviously our opinions about that part differ but
the decision who is "right" has no consequence at all.


> > And which of these scenarios is more probable? Who will after
> > starting to sign emails start to send emails to people he is not
> > familiar with?
>
> Quite a lot, apparently. There are a whole lot of people on this
> mailing list. I'm sending a message to all of them, including people I
> don't even know.

But you don't send email to this list *because* you sign your email. You don't
even sign your email to this list.


> Your question: "Who will after starting to sign emails start to send
> emails to people he is not familiar with?"
>
> The answer is Facebook. Google+. eHarmony. Match.com. JDate.
> Bear411. ChristianSingles.com. The list goes on and on and on.

Right. But for nearly none of those is cryptography the reason for contacting
others. In other words: If email cryptography becomes more common there is no
reason to expect more email from unknown people (due to this effect).


> The people who would be complaining about my conduct would be people who
> don't know me from the wind. *They're* the ones who would have to be
> persuaded I was on the up-and-up.

OK but if someone considers his opinion about something he is not familiar
with superior to the uniform opinion of some who are familiar then I would
consider him an idiot (not stating that idiots cannot be a problem for someone
innocently accused).


> >> And then I imagined my dean answering, "That proves nothing: after
> >> all, if I was posting this stuff I wouldn't sign it, either."
> >
> > Would not make much sense to use the name but not sign it, though.
>
> Sure it would. Deniability.

That's the sense of non-signing. What's the sense of using your name? Creating
problems for yourself? Accepting those problems in order to make the offense
more interesting to the public?


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
Re: PGP/MIME use
On Wednesday, 1 February 2012, 22:38:57, Robert J. Hansen wrote:
> On 2/1/12 4:14 PM, Hauke Laging wrote:
> > I just don't understand why someone who has understood the
> > concept and is capable of validating keys of others, encrypting,
> > decrypting and signing should not use that technology for his email.
>
> I have referred to this paper probably five times or more on this list
> and other lists. I really wish people would read it. I'm getting tired
> of answering this -- it's my least-favorite OpenPGP-related question.

I knew that paper (due to one of your emails). I read it again now. It has
quite little to do with my "question".

My question was NOT "Why do so few people use email cryptography?" But that is
the question this paper wants to answer.

Some points from the paper:
• It is (mainly) about people not familiar with GnuPG in some context
different from email.

• One of the two most IT capable people being interviewed does not even know
how to make signatures.

• Most or even all of those users did not have an environment which creates
signatures or encrypts automatically. I have not read how they did it; I
assume they used some program not integrated into their email software and had
to use the clipboard for transferring the data.

• Most of the paper is about encryption. None of the interviewed people denied
the sense of encryption in certain cases.

I do not see how to get valid conclusions from non-IT people using bad
software for IT people free to choose their software.


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
Re: PGP/MIME use
On 2/1/12 5:53 PM, Hauke Laging wrote:
> I apologize if anyone had the impression that I used your quote
> wrongly (but why should I?). The point is that you said nothing about
> Windows which due to its market share cannot be ignored. And that has
> no relation to the context of your quote.

Yes, I'm ignoring Windows, mostly because I have absolutely no idea
where to begin estimating GnuPG users on Windows. All I can do is
mutter something about "wovon man nicht sprechen kann, darüber muß man
schweigen" (whereof one cannot speak, thereof one must be silent) and
quickly change the subject. :)

That said, yes, on Linux Enigmail is a niche player. The major distros
ship either KDE or GNOME desktops. KDE's default mail application is
KMail, and GNOME's is Evolution. Both have strong OpenPGP support. You
don't need to install Thunderbird+Enigmail on those platforms to get
OpenPGP support for email, so most people who want OpenPGP email don't.

> The reason why most people do not use Enigmail (or something similar)
> is *not* the installation of GnuPG.

Having fielded questions from people stymied by Enigmail installation
for a few years now, I disagree. I've encountered a lot of people who
find it to be a significant obstacle. It was much worse in the past,
but since the introduction of Windows installers for GnuPG the problems
have diminished significantly. We still get a fair number of them, though.

> But you don't send email to this list *because* you sign your email.
> You don't even sign your email to this list.

No, but I do sign emails. There are a fair number of people who can
attest to that. I just don't sign emails to mailing lists except in
unusual cases (e.g., I'm making a post to the Enigmail list in my role
as a list moderator) or when I've enabled signing by accident.

> Right. But for nearly none of those cryptography is the reason for
> contaction others. In other words: If email cryptography becomes more
> common there is no reason to expect more email from unknown people
> (due to this effect).

I don't understand what you're saying. If cryptography is the reason to
contact someone, then I think we all need to get out more. :) I contact
people to *communicate*. Cryptography is just a tool to facilitate that.

> OK but if someone considers his opinion about something he is not
> familiar with superior to the uniform opinion of some who are
> familiar then I would consider him an idiot.

World's full of 'em. God knows I've asserted my right to be a damnfool
idiot from time to time, so I'm inclined to judge them a bit more leniently.

> That's the sense of non-signing. What's the sense of using your name?
> Creating problems for yourself? Accepting those problems in order to
> make the offense more interesting to the public?

Ask Charlie Sheen, or for that matter anyone who's ever wrestled with
bipolar disorder, drug addiction, or any of a whole host of illnesses
and/or conditions that can cause erratic behavior. Sometimes the
software running on the gray matter just breaks and people act in weird
ways. It's part of the human condition.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: PGP/MIME use
On 2/1/12 6:08 PM, Hauke Laging wrote:
> My question was NOT "Why do so few people use email cryptography"?
> But that is the question this paper wants to answer.

Your statement was, "I just don't understand why someone who has
understood the concept[s] and is capable of [using the software] should
not use that technology for his email." That's a statement, not a
question: I inferred your question as, "Why is it people who understand
the concepts and are capable of using the software don't use it for
their email?"

And that is, in fact, exactly the question they're answering. "In this
paper we try to identify additional barriers by interviewing a set of
users from an organization that relies on secrecy. Our interviews
demonstrate that users' attitudes about encryption, and the social
significance users attach to it, are an important factor in limiting
adoption."

Their central finding? It's not a technological problem: it's a social one.

> Some points from the paper:
>
> • It is (mainly) about people not familiar with GnuPG in some context
> different from email.

Incorrect. GnuPG is never mentioned in the paper. The NGO mentioned in
the paper is PGP-only. Some of their case studies (Woodward) used PGP
to encrypt files on their desktops: others (Abe) were email-only. Some
were email-only (Jenny) but abandoned it, others... etc.

> • Most or even all of those users did not have an environment which
> creates signatures or encrypts automatically.

Incorrect. The paper makes it clear they had plugins available to do
the process automatically. "In addition, [Woodward] distrusted plugins
for email programs, relying on encrypting the text of a message first
and copying it into his email program later." That sentence only makes
sense if they had access to plugins. Further, PGP circa 2006 shipped
with email plugins.

Another user, Abe, "used encryption to protect financial data ... [he]
believed this setup was simple." From that I infer Abe had suitable
tools for the task -- which is quite plausible, given we know they were
using PGP.

Re: PGP/MIME use
On Thursday, 2 February 2012, 00:27:04, Robert J. Hansen wrote:

> Your statement was, "I just don't understand why someone who has
> understood the concept[s] and is capable of [using the software] should
> not use that technology for his email." That's a statement, not a
> question:

You are so right. You like quotation contexts, don't you?

> I knew that paper (due to one of your emails). I read it again now. It has
> quite little to do with my "question".

See the ""?


> I inferred your question as, "Why is it people who understand
> the concepts and are capable of using the software don't use it for
> their email?"

Correct.


> And that is, in fact, exactly the question they're answering. "In this
> paper we try to identify additional barriers by interviewing a set of
> users from an organization that relies on secrecy. Our interviews
> demonstrate that users' attitudes about encryption, and the social
> significance users attach to it, are an important factor in limiting
> adoption."

That's not even nearly the question they are answering. For none of the users
do they mention that he uses GnuPG-like software in a context different from
email. At most one of them "understands the concept" (as a whole, not just a
part of it, i.e. encryption). They don't say that explicitly but we have to
assume that everyone else has neither understood the feature signing nor is
using it.

How much do these people have in common with admins and lawyers in your
opinion?


> Their central finding? It's not a technological problem: it's a social
> one.

I have never heard or assumed something different.


> > Some points from the paper:
> >
> > • It is (mainly) about people not familiar with GnuPG in some context
> >
> > different from email.
>
> Incorrect. GnuPG is never mentioned in the paper.

Thus we have no reason to assume that any of them is familiar with GnuPG. Our
point is people familiar with GnuPG who do not use email cryptography. This is
the other way round: People using email (most of them) with no information
about their other background.


> > • Most or even all of those users did not have an environment which
> > creates signatures or encrypts automatically.
>
> Incorrect. The paper makes it clear they had plugins available to do
> the process automatically. "In addition, [Woodward] distrusted plugins
> for email programs, relying on encrypting the text of a message first
> and copying it into his email program later." That sentence only makes
> sense if they had access to plugins. Further, PGP circa 2006 shipped
> with email plugins.

No, it also makes sense reading "He did not see a problem in not having a tool
for automatic processing as he would not have used it anyway as he distrusted
such plugins".

Furthermore, "available" is not the same as "using".

There are other quotes which make sense only if such plugins are NOT
available:

"He (Abe) estimated that encrypting every e-mail message would
add another hour to his workday unless it was automated."

"He (Abe) figured this man has an automated system for encrypting e-mail"

"I (Jenny) think he probably has some automated system. That everything he
sends gets encrypted automatically. I can’t believe he’s encrypting manually
every time. But to me, it’s like—OK, if it’s automated—fine."

"If it was encrypted on his computer and he sent to my computer, automatically
encrypted or decrypted it—fine. Then, encrypt everything you want."

"Arguably, some of the stigma associated with using encrypted e-mail was tied
to the overhead of the system ActivistCorp used. Where appropriate, some of
the process can be removed or automated."

> Another user, Abe, "used encryption to protect financial data ... [he]
> believed this setup was simple."

The same one saying "most people see this as more work and want things
simpler" and "I’m actually considered a “techie”". "Simple" is in the eye of
the beholder. It may even have referred to the point that he just encrypts
financial data which he regularly synchronizes with others.


Hauke
--
PGP: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814
Re: PGP/MIME use
On 2/1/2012 7:30 PM, Hauke Laging wrote:
>> Your statement was, "I just don't understand why someone who has
>> understood the concept[s] and is capable of [using the software] should
>> not use that technology for his email." That's a statement, not a
>> question:
>
> You are so right. You like quotation contexts, don't you?

I'm afraid, Hauke, that I don't understand what you're getting at.

>> I inferred your question as, "Why is it people who understand
>> the concepts and are capable of using the software don't use it for
>> their email?"
>
> Correct.

Then you have my response to that: the paper I cited does a good job of
answering that question.

> That's not even nearly the question they are answering.

Then we disagree completely, and there's nothing more to be said.

Re: PGP/MIME use
> ---------- Forwarded message ----------
> From: "Robert J. Hansen" <rjh@sixdemonbag.org>
> To: gnupg-users@gnupg.org
> Cc:
> Date: Wed, 01 Feb 2012 18:12:24 -0500
> Subject: Re: PGP/MIME use
> On 2/1/12 5:53 PM, Hauke Laging wrote:
> Yes, I'm ignoring Windows, mostly because I have absolutely no idea
> where to begin estimating GnuPG users on Windows. All I can do is
> mutter something about "wovon man nicht sprechen kann, darüber muß man
> schweigen" and quickly change the subject. :)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


OK, I'm sorry, but when someone drops Wittgenstein—on topic—on a
list about cryptography, there needs to be some recognition of
that.

Well done, sir.

- --Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78
Comment: Most recent key: Click show in box @ http://is.gd/4xJrs

iL4EAREKAGYFAk8q3clfGGh0dHA6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbS9wa3Mv
bG9va3VwP29wPWdldCZoYXNoPW9uJmZpbmdlcnByaW50PW9uJnNlYXJjaD0weDBE
NjJCMDE5RjgwRTI5RjkACgkQDWKwGfgOKfkt7AD/XBnefqGl/3Ul2FcghMK6pOwf
8pmkxBiy/EC8qxF8TZIA/RgCgmYwzzERQHFj5X9pQJCX2x7EURV+otSFR+7yWvwK
=nc8f
-----END PGP SIGNATURE-----


----
User:Avraham

pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.wiki@gmail.com>
   Primary key fingerprint: 167C 063F 7981 A1F6 71EC  ABAA 0D62 B019 F80E 29F9

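Avi's reply above is a textbook inline (clearsigned) message, and it shows the two things that make inline signing fragile on mailing lists: the "- " dash-escaping of the "--Avi" line, and the fact that the signature covers a canonical form of the text (trailing whitespace stripped, CRLF line endings) that any re-wrapping relay silently destroys. The following is an added example, not code from GnuPG or GPGshell or from anyone on the thread: it parses the RFC 4880 cleartext signature framework (section 7) for exactly that message, undoes the dash-escaping, builds the canonical text, checks the armor CRC-24 and decodes the signature packet's metadata. It does NOT verify the DSA signature, since the signer's public key is not on the page; the message text and armor are copied from the post, and whether the archive's transcription of the armor is still intact is reported by the CRC check rather than assumed. Function names are mine.

```python
# Added example for the inline-signed reply above; not code from GnuPG or
# GPGshell. It walks the RFC 4880 cleartext signature framework (section 7):
# splits the message, undoes the "- " dash-escaping, builds the canonical text
# that is hashed, checks the armor CRC-24 and decodes the signature packet's
# metadata. It does NOT verify the DSA signature (the signer's key is not on the page).
import base64
import struct

# The clearsigned text, armor and CRC line as they appear in the post above.
CLEARSIGNED = """\
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


OK, I'm sorry, but when someone drops Wittgenstein—on topic—on a
list about cryptography, there needs to be some recognition of
that.

Well done, sir.

- --Avi
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78
Comment: Most recent key: Click show in box @ http://is.gd/4xJrs

iL4EAREKAGYFAk8q3clfGGh0dHA6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbS9wa3Mv
bG9va3VwP29wPWdldCZoYXNoPW9uJmZpbmdlcnByaW50PW9uJnNlYXJjaD0weDBE
NjJCMDE5RjgwRTI5RjkACgkQDWKwGfgOKfkt7AD/XBnefqGl/3Ul2FcghMK6pOwf
8pmkxBiy/EC8qxF8TZIA/RgCgmYwzzERQHFj5X9pQJCX2x7EURV+otSFR+7yWvwK
=nc8f
-----END PGP SIGNATURE-----
"""

def crc24(data):
    """CRC-24 of RFC 4880 section 6.1 (init 0xB704CE, polynomial 0x1864CFB)."""
    crc = 0xB704CE
    for b in data:
        crc ^= b << 16
        for _ in range(8):
            crc = (crc << 1) ^ (0x1864CFB if crc & 0x800000 else 0)
    return crc & 0xFFFFFF

def dash_unescape(lines):
    """Undo section 7.1: a leading "- " protects lines that start with '-' or 'From '."""
    return [l[2:] if l.startswith("- ") else l for l in lines]

def canonical_text(lines):
    """Bytes hashed for signature type 0x01: trailing whitespace stripped, CRLF
    line endings, no line ending after the last line (section 7.1)."""
    return "\r\n".join(l.rstrip(" \t") for l in lines).encode("utf-8")

def parse_subpackets(area):
    """Pull creation time and issuer key ID out of a subpacket area (5.2.3.1)."""
    out, pos = {}, 0
    while pos < len(area):
        n = area[pos]
        if n >= 192:                                  # two-octet length form (5-octet form not handled)
            n, pos = ((n - 192) << 8) + area[pos + 1] + 192, pos + 1
        pos += 1
        stype, body, pos = area[pos] & 0x7F, area[pos + 1:pos + n], pos + n
        if stype == 2:
            out["created"] = struct.unpack(">I", body)[0]   # seconds since the epoch
        elif stype == 16:
            out["issuer"] = body.hex().upper()              # 64-bit key ID
    return out

def parse_signature_packet(data):
    """Decode an old-format v4 signature packet (tag 2), as GnuPG 1.4 emits."""
    ctb = data[0]
    if ctb & 0x40 or (ctb >> 2) & 0x0F != 2 or ctb & 0x03 == 3:
        raise ValueError("expected an old-format tag 2 packet with a definite length")
    pos = 1 + (1, 2, 4)[ctb & 0x03]                   # number of length octets
    body = data[pos:pos + int.from_bytes(data[1:pos], "big")]
    if body[0] != 4:
        raise ValueError("only v4 signatures are handled")
    hlen = struct.unpack(">H", body[4:6])[0]
    hashed, p = body[6:6 + hlen], 6 + hlen
    ulen = struct.unpack(">H", body[p:p + 2])[0]
    unhashed, p = body[p + 2:p + 2 + ulen], p + 2 + ulen
    info = {"sig_type": body[1], "pubkey_algo": body[2], "hash_algo": body[3],
            "hash_left16": body[p:p + 2].hex().upper()}  # first 16 bits of the digest
    info.update(parse_subpackets(hashed))
    info.update(parse_subpackets(unhashed))
    return info

def parse_clearsigned(text):
    """Split a clearsigned message; return signature metadata plus the cleartext."""
    lines = text.splitlines()
    i = lines.index("-----BEGIN PGP SIGNED MESSAGE-----") + 1
    headers = {}
    while lines[i]:                                   # "Hash:" headers end at a blank line
        k, _, v = lines[i].partition(":")
        headers[k.strip()], i = v.strip(), i + 1
    s = lines.index("-----BEGIN PGP SIGNATURE-----", i)
    armor = lines[s + 1:lines.index("-----END PGP SIGNATURE-----", s)]
    b64 = armor[armor.index("") + 1:]                 # skip Version:/Comment: lines
    data = base64.b64decode("".join(l for l in b64 if not l.startswith("=")))
    crc = int.from_bytes(base64.b64decode(b64[-1][1:]), "big")  # "=xxxx" CRC line
    plain = dash_unescape(lines[i + 1:s])
    info = parse_signature_packet(data)
    info.update(hash_header=headers.get("Hash"), crc_ok=crc24(data) == crc,
                cleartext=plain, canonical=canonical_text(plain))
    return info

if __name__ == "__main__":
    r = parse_clearsigned(CLEARSIGNED)
    print({k: v for k, v in r.items() if k not in ("cleartext", "canonical")})
```

Running it prints, among other fields, signature type 1 (canonical text document), public-key algorithm 17 (DSA), hash algorithm 10 (SHA-512), the issuer key ID that matches the last 16 hex digits of the fingerprint in Avi's signature block, and the creation time as a Unix timestamp. The `canonical` bytes are what a verifier would feed into SHA-512 before the signature trailer; change a single trailing space or line ending in the cleartext and they change too, which is the whole problem with inline signatures on list traffic.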
Re: PGP/MIME use
>> Has there been a concerted effort to make Enigmail an integral part of
>> Thunderbird, distributed with it? If yes, what are the reasons that it
>> has been rejected so far? If no, why not?
> Werner replied:
> The Mozillas don't like OpenPGP. To them it is probably too much
> anarchy compared to S/SMIME. Ask the Mammon.
Robert replied:
> * S/MIME is already irrelevant to the vast majority of
> Thunderbird users, and providing OpenPGP would just
> introduce a redundant irrelevant capability
>
> * Enigmail requires a binary that's not maintained by
> Mozilla, which is released on its own schedule, and
> is licensed under terms other than those Mozilla
> prefers

Mozilla is founded by Google. Without Google they would be gone. Google's business model is not to protect the user but to analyze him. That is not possible when you use mail encryption.

The question is still valid and imo, some pressure from the user community might help to bring Thunderbird to the point where it can be downloaded containing Enigmail. That would be a huge step! The arguments by Robert seem to be rather minor compared to the huge benefit the delivery of safe communication would bring.

Imagine a world in which Windows and OS X are delivered with OpenPGP. I don't see why that should not happen. It's all a question of community requests and pressure on the respective companies behind those OSs. That pressure could also take the form of pure statistics: if people simply buy machines which come with built-in open-source crypto. That would be the case if average people (not like us who are subscribed to this geeky mailing list) become more security aware and realize that privacy matters. Call me idealistic, but I think it's up to the community to make that happen.

All the best,
steve
Re: PGP/MIME use
On 2/20/12 2:24 PM, Steve wrote:
> Mozilla is founded by Google.

Mozilla receives funds from Google and others. The "and others" bit is
important.

> Without Google they would be gone.

Without Google Mozilla would have to find other partners. I'm willing
to bet cash money on the barrelhead they already have other partners
lined up in the event this becomes necessary.

> That is not possible when you use mail encryption.

I doubt that whether you use email encryption is really any concern to
Google. Invasive, intrusive email scanning exposes them to all manner
of legal risks, from both civil and criminal law. It's also a public
relations disaster waiting to happen, and could result all manner of
horrific penalties for Google.

Traffic analysis gives them almost as much useful information with much
less risk exposure -- and email encryption doesn't interfere with
traffic analysis.

I'm not a particular fan of Google (or Facebook or what-have-you), but
let's make sure our criticisms of them match up to reality.

> The question is still valid and imo, some pressure from the user
> community might help to bring Thunderbird to the point where it can
> be downloaded containing enigmail.

You're certainly welcome to. If you'd like to see Enigmail bundled with
Thunderbird, then please write the Thunderbird developers a
politely-worded email asking them to look into it. However, talking on
this list (or on the Enigmail user list) about how much you'd like to
see it in Thunderbird is unlikely to achieve anything: the people who
make those decisions are not, as far as I know, on either this list or
Enigmail's list.

> The arguments by Robert seem to be rather minor compared to the huge
> benefit delivery of save communication would bring.

There is virtually nothing OpenPGP can do that S/MIME cannot do. There
are certainly some implementation differences between the two, but in
terms of broad capabilities they're almost identical. If you want email
encryption capabilities, they're already there. If you want OpenPGP
specifically, you'll need to find things OpenPGP can do that S/MIME
can't do, and pitch it to the Thunderbird developers on that score.

> Imagine a world in which Windows and OS X are delivered with
> OpenPGP.

Windows and OS X are delivered with S/MIME already. If people aren't
using S/MIME (and they overwhelmingly are not!), why should we believe
the presence of an OpenPGP suite would change their behavior?

> Call me idealistic, but I think it's up to the community to make that
> happen.

I'm not trying to dissuade you, but the people you need to convince are
not on this mailing list. :)

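Two points in the post above are easy to check mechanically: that encrypting the body leaves the envelope (sender, recipients, subject, date, thread, size) fully exposed to traffic analysis, and, from the start of the thread, that PGP/MIME and inline OpenPGP are structurally different things a mail filter can tell apart. The following is an added example, not code from the list, from GnuPG or from Enigmail: it classifies a message by the RFC 3156 forms (multipart/signed with protocol application/pgp-signature, multipart/encrypted with protocol application/pgp-encrypted and a "Version: 1" control part) or by inline armor in the text body, then reports which fields remain readable. The three messages are constructed samples; their armored blocks are placeholders and not output of any OpenPGP implementation, and the names `ARMOR`, `VISIBLE`, `classify` and `exposed_metadata` are mine.

```python
# Added example for the traffic-analysis remark above and the inline-vs-PGP/MIME
# distinction; not code from the list or from GnuPG. Classifies how a message
# carries OpenPGP data (RFC 3156 sections 4 and 5 for the MIME forms) and lists
# what stays readable on the path even when the body is encrypted. All samples
# are constructed; the armored blocks are placeholders, not real OpenPGP data.
import email
import re
from email import policy

ARMOR = re.compile(r"^-----BEGIN PGP (SIGNED MESSAGE|MESSAGE)-----$", re.M)
# Header fields encryption leaves untouched: who, whom, when, which thread.
VISIBLE = ("From", "To", "Cc", "Date", "Subject", "Message-ID", "In-Reply-To")

ENCRYPTED = b"""\
From: steve@example.invalid
To: mom@example.invalid
Date: Mon, 20 Feb 2012 19:55:00 +0100
Subject: cake on Sunday
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

placeholder/ciphertext/not/a/real/OpenPGP/message
=AAAA
-----END PGP MESSAGE-----
--b1--
"""

MIME_SIGNED = b"""\
From: a@example.invalid
To: gnupg-users@gnupg.org
Subject: Re: PGP/MIME use
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="b2"

--b2
Content-Type: text/plain; charset=utf-8

Signed, and readable by every relay on the way.
--b2
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

placeholder
=AAAA
-----END PGP SIGNATURE-----
--b2--
"""

INLINE_SIGNED = b"""\
From: b@example.invalid
To: gnupg-users@gnupg.org
Subject: Re: PGP/MIME use
Content-Type: text/plain; charset=utf-8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Well done, sir.
- --Avi
-----BEGIN PGP SIGNATURE-----

placeholder
=AAAA
-----END PGP SIGNATURE-----
"""

def classify(msg):
    """pgp-mime-encrypted / pgp-mime-signed per RFC 3156, else inline armor in
    the text body, else plain."""
    ctype, proto = msg.get_content_type(), msg.get_param("protocol")
    parts = list(msg.iter_parts())                    # empty for non-multipart
    if (ctype == "multipart/encrypted" and proto == "application/pgp-encrypted"
            and len(parts) == 2
            and parts[0].get_content_type() == "application/pgp-encrypted"
            and parts[0].get_payload(decode=True).strip() == b"Version: 1"
            and parts[1].get_content_type() == "application/octet-stream"):
        return "pgp-mime-encrypted"
    if (ctype == "multipart/signed" and proto == "application/pgp-signature"
            and len(parts) == 2
            and parts[1].get_content_type() == "application/pgp-signature"):
        return "pgp-mime-signed"
    body = msg.get_body(("plain",))
    m = ARMOR.search(body.get_content()) if body is not None else None
    if m is None:
        return "plain"
    return "inline-signed" if m.group(1) == "SIGNED MESSAGE" else "inline-encrypted"

def exposed_metadata(raw):
    """What a relay or provider sees whether or not the body is encrypted."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    kind = classify(msg)
    info = {h: str(msg[h]) for h in VISIBLE if h in msg}
    info["kind"], info["bytes_on_wire"] = kind, len(raw)   # size tracks plaintext size
    info["body_visible"] = kind not in ("pgp-mime-encrypted", "inline-encrypted")
    return info

if __name__ == "__main__":
    for raw in (ENCRYPTED, MIME_SIGNED, INLINE_SIGNED):
        print(exposed_metadata(raw))
```

For the encrypted sample the output still carries the sender, recipient, date, the subject line "cake on Sunday" and the message size, which is all that traffic analysis needs; only `body_visible` flips to false. For both signed samples everything is visible, so a signature on list traffic adds authenticity (if the key has been validated) and nothing else.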
Re: PGP/MIME use
On 2/20/12 2:24 PM, stevebell@gulli.com wrote:
. . .
> Mozilla is founded ["funded" probably] by Google. Without Google
> they would be gone.
> Googles business model is not to protect the user but to analyze him.
> That is not possible when you use mail encryption.
>
> The question is still valid and imo, some pressure from the user
> community might help to bring Thunderbird to the point where it can
> be downloaded containing enigmail.
. . .

Just considering your own points, would you trust an encryption
functionality you thought was written in a way satisfying Google?

Re: PGP/MIME use
> . . .
>> Mozilla is founded ["funded" probably] by Google. Without Google
>> they would be gone.
>> Googles business model is not to protect the user but to analyze him.
>> That is not possible when you use mail encryption.
>>
>> The question is still valid and imo, some pressure from the user
>> community might help to bring Thunderbird to the point where it can
>> be downloaded containing enigmail.
> . . .
>
> Just considering your own points, would you trust an encryption
> functionality you thought was written in a way satisfying Google?


Sorry. Funded of course. And to answer your question: No, I wouldn't. But would you still trust OpenPGP if it was delivered with every Chromebook? Maybe that wouldn't satisfy Google, but I never asked for encryption technology that satisfied Google.

Robert wrote:
> I'm not a particular fan of Google (or Facebook or what-have-you), but
> let's make sure our criticisms of them match up to reality.

You might be correct. But also we all know that if Google has access the US gov does have access as well (other examples would be Dropbox, Twitter, …). And although I might only tell my mom to buy 6 eggs for a cake I'm going to make, I still don't want them to read that. Neither Google (which you say they don't, but since we can't look into their internal mechanisms we'd have to trust them, and if you ask me "do you trust Google" I'd rather not) nor the US gov (which we know they do). Why again was it that Europe needed to sign the SWIFT treaty?

>
>> The question is still valid and imo, some pressure from the user
>> community might help to bring Thunderbird to the point where it can
>> be downloaded containing enigmail.
>
> You're certainly welcome to. If you'd like to see Enigmail bundled with
> Thunderbird, then please write the Thunderbird developers a
> politely-worded email asking them to look into it.

Will do.

>> The arguments by Robert seem to be rather minor compared to the huge
>> benefit delivery of save communication would bring.
>
> There is virtually nothing OpenPGP can do that S/MIME cannot do.

Hm, that was also bothering me with the other mails you wrote on this topic earlier. It's already very late here, so bear with me, I'm taking this from memory. You said that due to the fact that the world is very big and the web of trust not used much, it can't serve as a good information tool since most likely the signatures will be from people I don't know.

I'm not so sure about that. Wonder why Google called the grouping feature in G+ "circle"? We communicate and behave and live in circles. This list is just another circle. And I might know e.g. our beloved Werner Koch from another project than this list. Or I might know Robert from another context than this list. The context might be the same (e.g. computer security) but it will still be the same people because at any time only so and so many people are currently dealing with a certain topic with a certain level of expertise. Wouldn't that mean that actually the web of trust should work well?

I think the web of trust is an awesome idea and again (as with encryption in general) it's up to each and every human to make use of those tools. Eventually the web of trust might become very informative indeed.

Isn't the big difference that OpenPGP is a decentralized concept while S/MIME requires centralized infrastructure? And I have to say, currently I'd rather go with decentralized. Again, it boils down to the question of trust. I'd rather trust the web of trust than an anonymous centralized entity for which I don't know why they are in this business and who exactly is behind the curtain of a company name (there is no business with a decentralized web of trust and imo it's much harder to corrupt it).


> There are certainly some implementation differences between the two, but in
> terms of broad capabilities they're almost identical. If you want email
> encryption capabilities, they're already there. If you want OpenPGP
> specifically, you'll need to find things OpenPGP can do that S/MIME
> can't do, and pitch it to the Thunderbird developers on that score.

See above.

>> Imagine a world in which Windows and OS X are delivered with
>> OpenPGP.
>
> Windows and OS X are delivered with S/MIME already. If people aren't
> using S/MIME (and they overwhelmingly are not!), why should we believe
> the presence of an OpenPGP suite would change their behavior?

Again, see above

>> Call me idealistic, but I think it's up to the community to make that
>> happen.
>
> I'm not trying to dissuade you, but the people you need to convince are
> not on this mailing list. :)

I am well aware of that fact. I just wanted to add my thought to this very interesting discussion. And maybe it's us (the people on this list) that can make a change. It has to start somewhere…

All the best, steve
Re: PGP/MIME use
On 2/20/12 7:55 PM, Steve wrote:
> Hm, that was also bothering me with the other mails you wrote on
> this topic earlier. It's already very late here, so bear with me, I'm
> taking this from memory. You said that due to the fact that the world
> is very big and the web of trust not used much, it can't serve as a good
> information tool since most likely the signatures will be from people
> I don't know.

I think this is a mischaracterization of my position. My position is,
"PKI is hard." We don't have any tools that can scale up to the size of
the world.

> I'm not so sure about that. Wonder why google called the grouping
> feature in G+ "circle"? We communicate and behave and live in
> circles.

Circles that are increasingly separate from actual physical interaction.
There are a lot of people in my circles I've never met before, which
makes the problem of verifying their keys rather difficult.

Social media will not solve the PKI problem. In many ways it makes it
worse. Social media is predicated around the idea that you have given
up your privacy and anonymity in exchange for being more connected to
the social flow around you. Before Facebook, people who used encryption
and other privacy technologies were looked at by the population at large
as being kind of kooks. Now we're being looked at as if we're about to
step off into the woods with Ted Kaczynski.

The things that we value are increasingly out of step with the things
our society values. And, you know, that's fine: there are *lots* of
communities with values out of step with those of the larger society.
But we should be cautious of thinking that we're going to wave a little
crypto magic fairy dust and suddenly everyone will come to our side of
the privacy fence: they won't, and it doesn't matter how good our
Kool-Aid tastes.

> Wouldn't that mean that actually the web of trust should work well?

The question is not whether we think it should work well, but rather
whether it *does* work well. It doesn't.

> I think the web of trust is an awesome idea and again (as with
> encryption in general) it's up to each and every human to make use
> of those tools.

As long as people have to make a conscious choice to use these tools,
these tools will never become mainstream.

> Isn't the big difference that OpenPGP is a decentralized concept
> while S/MIME requires centralized infrastructure?

Not really. S/MIME is as capable of decentralized behavior as OpenPGP.
