Thanks for the discussion. Now my thoughts about e-mail encryption
problems. Hopefully I'm not repeating too much those usual and often
repeated issues.
I will use generic "me" and "you" in the following paragraphs but they
don't mean anyone. Just place yourself in either role to see the point.
- I may send an innocent private plain text message to you without
knowing that your employer, family member or bigger adversary reads
your mail. I do not understand that the topic is controversial in
your country, company, community, family and you get into trouble.
- You are serious about privacy and encryption but you may not see why
I want encryption because you don't have the same adversaries or
concerns as I do. I may need to explain those adversaries or fears
to you but maybe I don't want to. "Please keep this correspondence
encrypted but I can't explain the details." After all you decide how
seriously you take my wish and I can't do much about it.
- I may live in a nice, free and happy country which have seen
peaceful times years and years. All fears are long gone and
forgotten. Those rare people who worry about things must have
personal mental issues. It has become normal for me to laugh at such
weird people, and even an encrypted message from other country
doesn't ring a bell in my mind. I write plain text reply because I
just don't bother and can't see any point in encryption.
- "OpenPGP is fundamentally broken and must go away for good," you
think. Even if the opinion is partly justified it makes you overlook
important subtleties. Because of that attitude you may end up
revealing some of my secrets.
Plus all the technical problems written in various blog posts and
articles.
--
/// Teemu Likonen - .-.. https://www.iki.fi/tlikonen/
// OpenPGP: 6965F03973F0D4CA22B9410F0F2CAE0E07608462
Attachment:
signature.asc
Description: PGP signature