[clug] GnuPG?

[Sam Couter]

Paul Warren <u3292467 at anu.edu.au> wrote:
> I've finally got around to looking into GnuPG and PGP stuff.  I have 
> enigmail setup with thunderbird-0.5, and even have my public key up on 
> my web site, and the default key server.

Excellent.

> Hardly anyone I communicate with regularly uses any form of PGP, so is 
> there really any point? Other than to maintain my geekiness of course.

Do you need another reason?

When you find you really need a GPG key, it'll be too late to generate
one and get it signed by appropriate people. The key you generate in an
emergency will be next to useless because nobody will trust it.

But now you have a key that you can collect signatures on. Your key
becomes more useful (better trusted) with each signature it collects.
Then, when the time comes and you *really need* a key, you've got a
widely trusted key already.

Some other reasons to use GPG even if it's not absolutely necessary:

1) When most email is signed/encrypted as a matter of course,
signed/encrypted email becomes inconspicuous. This increases the cost of
an attack against a particular email message (which message? The
encrypted one? They're all encrypted!) and decreases the likelyhood of a
successful attack.

2) When people notice your GPG signature, they may ask you about it.
Take the chance to educate people. Push towards a world in which most
email is signed/encrypted, and plain text email is the anomaly.

http://clan.cyaccess.com/?menuref&pgpfaq#pgp-why
-- 
Sam "Eddie" Couter  |  mailto:sam at couter.dropbear.id.au
Debian Developer    |  mailto:eddie at debian.org
                    |  jabber:sam at teknohaus.dyndns.org
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/linux/attachments/20040403/f40da8e9/attachment.bin