I think there are two distinct problems here. And they are getting munged together and misunderstood b/c Twitter.
1. For a vast number of users who want secure *messaging*, PGP+e-mail is the wrong (and perhaps a dangerous) choice.
1. For a vast number of users who want secure *messaging*, PGP+e-mail is the wrong (and perhaps a dangerous) choice.
2. For the small subset of expert users who have some other application and/or are using it for some extremely careful messaging application, it is still bad crypto that should be replaced with something better.
For the first set of users and for users who don’t know explicitly that they’re in set (2), my strong recommendation is: use a secure messaging platform.
Are these perfect? No. But neither will the PGP+SMTP hybrid these users cook up. In fact it will be *much much* worse.
Are these perfect? No. But neither will the PGP+SMTP hybrid these users cook up. In fact it will be *much much* worse.
(Like worse to the degree that I think it’s *strongly* unethical to send vulnerable non-expert users into the PGP ecosystem. I really get steamed about that.)
Regarding the expert users and special applications of set (2): I think that the problem with PGP is that it’s *bad crypto*. And bad tooling.
Its probably true you’re an expert you can use bad tooling safely. But I have a counterproposal: let’s make better tools.
Its probably true you’re an expert you can use bad tooling safely. But I have a counterproposal: let’s make better tools.
The great advantage of focusing case (2) is that we have a relatively tiny slice of users. And they’re already using PGP in specific ways that largely negate both the flaws of PGP *and* many of the advantages of using a standardized, legacy protocol like OpenPGP.
These users generally don’t need a protocol to be backwards compatible with clients written in 1997. They don’t need CAST5 support and complex extensible file formats. They need modern, secure crypto and some simplified key management.
For these users we should be promoting replacement tools, one use-case at a time. Need to encrypt large files on a server? Use a solid tool with that use case in mind, and not GnuPG. Need to email a small set of people? Ditto. Need signing? Ditto.
Some of these tools are either relatively unknown or don’t exist yet. This is a huge TODO item for the talents of the crypto engineering community. Which are considerable, and largely *not* going into OpenPGP/GnuPG which has entered a bad legacy mode.
But those talents aren’t going to be coordinated and applied as long as people are dogmatically claiming that OpenPGP/GnuPG are “good enough”, or worse, claiming that anybody who says differently is “attacking” PGP or putting lives at risk.
So from my perspective, step one is identifying that we have a problem. Then step two is fixing that problem. And people are doing that: saltpack.org etc.
Anyway. That’s what I think. Maybe I’ll just cite this thread instead of repeatedly making the same points.
@threadreaderapp please unroll
@threadreaderapp please unroll
