[conspire] Offering GPG/PGP Workshop at CABAL
gallo.j at gmail.com
Thu May 15 04:05:07 PDT 2008
some very scientific tootsie roll pop-related
Ohh the things you google when you can't sleep...
On Thu, May 15, 2008 at 3:44 AM, Daniel Gimpelevich <
daniel at gimpelevich.san-francisco.ca.us> wrote:
> On Thu, 15 May 2008 00:06:40 -0700, Rick Moen wrote:
> > Quoting Daniel Gimpelevich (daniel at gimpelevich.san-francisco.ca.us):
> >> I am not in any way disputing that to be the current state of affairs.
> >> PhilZ said: "An argument could be made that as a matter of solidarity
> >> the rest of the population you should encrypt your email." If this is
> >> to be accomplished with PGP/GPG, the entire "rest of the population"
> >> be participants in the web of trust. I investigated this possibility a
> >> couple of years ago, and found the OpenPGP functionality in the GPG
> >> software thoroughly incapable of such an endeavor.
> > Having personally wrestled GnuPG into submission for my own use a number
> > of years ago, I was astonished at how utterly user-hostile it was and
> > remains, even by the standards of Unix command-line crypto utilities.
> > (That's one of the reasons I wrote my lecture notes, to compensate in
> > part.) To this day, I can't reliably remember most of its basic
> > command functions, and keep having to pore through its manpage.
> That is way too obvious to mention. I was instead asserting that the PGP
> model is wholly inadequate for the above-stated purpose with regard to GPG
> _even assuming every e-mail user on Earth could magically be able to use
> it properly_.
> > By contrast, the verified PGP "strong set" (http://pgp.cs.uu.nl/plot/)
> > is currently a bit smaller than the total number of "verified users"
> > (whatever that means) CAcert says it services, but there is no
> > bottleneck for scaling at any single point (only a rather excessively
> > geeky technological burden on each individual participant. And I'm
> > guessing that PGP/GnuPG keys are, on average, a good bit more useful,
> > but that's just my guess.
> Ah, now we've come to the quux of the matter: The above assertion is
> absolutely false. There _is_ a scaling bottleneck at _every_ point when
> using GPG. The investigation I mentioned above consisted of an attempt to
> traverse the keys then in my pubring.gpg file as a tree, adding to the
> file every key which was used to sign any key already in the file.
> Evidently, upon every invocation, the gpg command parses the entire file,
> because I found that as the file grew, the wait after invoking gpg before
> gpg would respond in any way also grew. Some time after I got to the point
> where every invocation of the gpg command was taking more than two full
> days to complete, I gave up. I still don't know how many licks it takes to
> get to the center of that Tootsie Roll Pop.
> conspire mailing list
> conspire at linuxmafia.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the conspire