On 21/07/13 13:32, Ben Finney wrote: > Adam Bolte <[email protected]> > writes: > >> Since I imagine a lot of people interested in free software would also >> be big on privacy, I would like to know what other people here think >> of the idea of leaving GPG encryption on by default. Does anyone >> practise it? Is there any good reason why we shouldn't? > > I think it's a good idea: opportunistic encryption (when I'm sending a > point-to-point message, e.g. email, and if it appears I can encrypt that > message such that the other end can decrypt it, I should go ahead and do > it without checking further) is a way to increase awareness of and > proficiency with encryption. > > What stops me, frequently, is key management. I am often sending > messages (such as this one) composed and sent from a remote server which > I share with several other people. I think it'd be poor security to have > my GPG secret key stored there, where others with only a loose trust > relationship have access to crack it if they choose.
That's a good point. If only there was some sort of good gpg-agent forwarding solution. I've seen various hacks, but nothing good enough to recommend.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Free-software-melb mailing list [email protected] http://lists.softwarefreedom.com.au/cgi-bin/mailman/listinfo/free-software-melb Free Software Melbourne home page: http://www.freesoftware.asn.au/melb/
