1995-02-10 - why pgp sucks

Header Data

From: Greg Broiles <greg@ideath.goldenbear.com>
To: mab@crypto.com
Message Hash: ec3ff36fd74afab03321afc7abf7438b757186eb82857a1d8c35e47a4db453a8
Message ID: <199502102348.AA09436@ideath.goldenbear.com>
Reply To: N/A
UTC Datetime: 1995-02-10 23:54:49 UTC
Raw Date: Fri, 10 Feb 95 15:54:49 PST

Raw message

From: Greg Broiles <greg@ideath.goldenbear.com>
Date: Fri, 10 Feb 95 15:54:49 PST
To: mab@crypto.com
Subject: why pgp sucks
Message-ID: <199502102348.AA09436@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----


Matt Blaze, quoting Greg Morgan, wrote:

> >Doesn't having some kind of central record of keys go against
> >the principle of PGP?  

> The only "principle" of which I'm aware (and particularly interested
> in supporting) is that of having widely fielded, useful and strong
> privacy and authentication tools that work properly and transparently.

I think the centralization/decentralization confusion comes from PGP's
decentralized approach to key generation and authentication, which has
been hailed as a good thing. As long as folks can generate their own
keys, sign their friends' keys, and upload their keys to servers at 
their own discretion, I can't see what would make a centralized or
standardized distribution method harmful.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLzv7I33YhjZY3fMNAQGVbAP/Sm8rXLFDXU4te0mBEhmi6CaAbvHTPqRZ
kce6+auO1T/3ypEi0c0D2QCJ7mS3Xx/g/n42mHhJHzt5ClhuHlhDRyjOV2rGBpWX
OElxuVFpcSIlUnnQ2cvju9k8cDtHnXN+crmmjUXxvqmUB371eyOZ6E140nxfxo2/
JqWBXLFPvpI=
=AL3C
-----END PGP SIGNATURE-----




Thread