From: bshantz@spry.com
To: cypherpunks@toad.com
Message Hash: a5205e91f519a650e865d5f1d296db220df6f022f1d8d019fa40a1e54823b602
Message ID: <199412211837.KAA09590@homer.spry.com>
Reply To: N/A
UTC Datetime: 1994-12-21 18:37:18 UTC
Raw Date: Wed, 21 Dec 94 10:37:18 PST
From: bshantz@spry.com
Date: Wed, 21 Dec 94 10:37:18 PST
To: cypherpunks@toad.com
Subject: Re: GUI: PGP vs novices
Message-ID: <199412211837.KAA09590@homer.spry.com>
MIME-Version: 1.0
Content-Type: text/plain
Thomas Grant Edwards Writes:
>PGP has made me more crypto aware, but at this point neither I nor most of
>the crypto aware people I personally know feel there is a need to either
>encrypt or sign messages on a regular basis.
It is my own personal opinion that in order for crypto to truly become
mainframe, the software manufacturers of internet connectivity packages must
integrate crypto into the applications. Look at the past threads here on
Cypherpunks..."How do I write a script to put PGP into ELM?" "PGP DLL
modularity" etc.
In order to bring crypto to the masses, we have got to convince people that it
is necessary. We also must make it "second nature". It sure is nice to have
a menu option or a toolbar button that will encrypt plaintext automatically.
Key management and some of the "high tech" (I know, for us it's nothing, but
for my dad who just bought a computer and doesn't understand the difference
between click, double click, and drag, crypto is a really high tech thing just
in itself.) things of crypto should not be directly handled by the user.
(Optional of course. On a privacy level, the user should have full control.
But give the user a break...if the software is secure..as such...so is the
user's privacy.)
You will notice that this message is not signed. That's because in order to
sign it, I would need to save my message, hop out to a DOS box, PGP encrypt
it, hop back to my mail program and insert the encrypted mail as a text file.
That's enough to discourage the average user. This is pretty much what Tim
May was talking about when he discussed why he doesn't sign his messages.
It's not that he couldn't... it's just not practical for him. It's not really
practical for me either, but I do it when I feel it's necessary.
The only way to make crypto practical is to basicalloy hide the technical side
from the user and make it easy.
That's my two cents.
>>>>>>>>>>>>>>>>>>>>>INTERNETWORKING THE DESKTOP<<<<<<<<<<<<<<<<<<<<<<<
Brad Shantz bshantz@spry.com
Senior Software Engineer
SPRY Inc. Direct #: (206)-442-8251
316 Occidental Ave. S. Main #: (206)-447-0300
Suite 316 Fax #: (206)-447-9008
Seattle, WA 98104 WWW URL: http://WWW.SPRY.COM
----------------------------------------------------------------------
PGP Public Key at: http://www-swiss.ai.mit.edu/~bal/pks-toplev.html
Or email: pgp-public-keys@pgp.ai.mit.edu Subj: GET bshantz
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Return to December 1994
Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”