Relevance of PGP?
Edward Ned Harvey
blu-Z8efaSeK1ezqlBn2x/YWAg at public.gmane.org
Fri Jun 10 08:12:38 EDT 2011
I am very surprised to hear people using the term "PGP" as if it were
synonymous with "Email signing/encryption." As far as I'm concerned, S/MIME
has already won the war on email signing/encryption. Go get a free
certificate from startssl.com, and voila. (See here:
http://tinyurl.com/6xegsux and http://tinyurl.com/685jpn8 ) There is no
need to do a key exchange with anyone - The browser already has a list of
trusted SSL CA's, and anyone receiving your mail is automatically able to
verify the integrity. Every mail client supports it, it's way more
intuitive and simple to use than PGP.
But anyway, I make a habit of signing most of my mail (there's a checkbox to
make that automatic, so I actually don't do anything at all.) And then
whenever I want to email passwords or some other sensitive info with
somebody, it's a breeze to simply click the "encrypt" button.
The days of saying "Don't email passwords" and "Email is insecure" are not
over. But you can certainly solve it on an as-needed basis.
More information about the Discuss
mailing list