From: Just Rich <rich@c2.org>
Date: Tue, 5 Mar 1996 07:54:08 +0800
To: Louis Freeh <cypherpunks@toad.com>
Subject: Re: Mainstreaming PGP on Usenet
In-Reply-To: <199603040500.XAA06840@manifold.algebra.com>
Message-ID: <Pine.SUN.3.91.960303211113.15462F-100000@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 3 Mar 1996 ichudov@algebra.com wrote:

> Dr. Dimitri Vulis wrote:
...
> > Igor Chudov, who coded the robomoderator, reads Cypherpunks, and
> > is known to appreciate and use good suggestions.
> 
> Indeed. If you indicate your interest, I can post here a more or less
> full description of the robomoderator, how it implements secure
> exchange between itself and human moderators, verifies submissions,
> and signs approved articles for posting (it uses PMApp by Greg Rose).

It sounded cool (as heard on the moderator's list), but too complex for my
needs, and I think it required some stuff I don't have. Of course, for a
higher-traffic group, it's worth it. I don't see a way around the problem. 

... 
> > (Of course, some people have what they believe to be valid reasons not
> > to use PGP.)
> 
> Sorry if this question will provoke a mini flamewar, but what are
> such reasons?

1. If you're like me and you habitually read your mail online on a host on
the Internet, no matter how secure, then that's a security risk. Of course
one could, and many people do, create multiple PGP keys, one for casual
authentication and encryption online, and another held in check for stuff
that needs to be secure. I just don't bother with a "10% secure" key for 
cpunks and casual mail, though I do sign most of my Usenet posts.

2. If you send a PGP-signed message to a non-PGP-aware list, there will 
be questions, and sometimes ridicule. Sometimes this is an opportunity 
for education, sometimes it's just not worth the trouble.

3. Using PGP may attract the unwelcome attention of hostile local or
foreign governments, or possibly other armed thugs. 

4. "It's too hard."

-rich