From: alt@iquest.net (Al Thompson)
Date: Fri, 10 Feb 95 23:27:57 PST
To: Hal <hfinney@shell.portal.com>
Subject: Re: why pgp sucks
Message-ID: <m0rdCF4-000E2cC@dorite.use.com>
MIME-Version: 1.0
Content-Type: text/plain


>"Perry E. Metzger" <perry@imsi.com> writes:
>>I'll also note, yet again, that unless PGP quits this bad practice of
>>identifying counterparties only by a number, it is NOT going to be
>>universally deployed. Counterparties need to be identified by a name
>>that can be looked up in the DNS -- meaning "joe@foo.com" rather than
>>some key ident number.
>
>PGP of course looks up keys by strings in addition to numbers.  A widely
>accepted practice is to use <joe@foo.com> in the user ID which allows the
>lookups to be by internet address.  PGP was intended for use beyond the
>internet, such as in bbs's, fidonet, corporate networks, etc., where DNS
>style addresses may not be useful.
 
I would prefer that PGP would not give out ANY info about addressees.  It 
would seem to me that it is quite a security breach to have PGP dutifully 
tell you to whom it is addressed.  
 
************************************************************
*           Just your basic signature block                *
*                                                          *
*  Al Thompson                                             *
*  Fidonet 1:231/110                                       *
*  alt@iquest.net                                          *
************************************************************