On 09/09/2013 05:17 PM, Ted Lemon wrote: > On Sep 9, 2013, at 4:11 PM, Dan York <dan-ietf@xxxxxxxxxxx> wrote: >> Even in the groups where PGP was (and is) being used, usage is >> inconsistent in part because people are now accessing their email >> using different devices and not all of them have easy access to >> PGP/GPG. If you receive an encrypted message... but can only read >> it on your laptop/desktop and not your mobile device, and you are >> not near your laptop/desktop, how useful is the encryption if you >> need to read the message? You have to either wait to get back to >> your system or ask the person to re-send unencrypted. > > It might be worth thinking about why ssh and ssl work so well, and > PGP/GPG don't. Just a quick guess: SSL works automagically, PGP doesn't. So even if the user doesn't care, SSL is there. PGP, OTOH, usually requires explicit installation of a plug in and weird stuff (for mere mortals) such as generating keys, etc. ssh is typically use by techie people, that realize that e.g. doing remote login is a bit crazy -- so if you're going to do remote login, you're certainly going to use ssh (additionally, support for telnet is disabled by default). OTOH, how many encrypted and/or authenticated emails does an average user sends a year? (Not to mention the fact that at the end of the day, you can manually check the ssh keys "once and for all" in a secure way, whereas with PGP it's *extremely* often that people that use PGP don't get the habit of sharing their keys in a secure way when they have the chance to -- for instance, why doesn't everyone include their fingerprint on their personal cards?) Cheers, -- Fernando Gont SI6 Networks e-mail: fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -- Fernando Gont e-mail: fernando@xxxxxxxxxxx || fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1