Re: pgp signing in van

Ted Lemon <Ted.Lemon@nominum.com> Mon, 09 September 2013 21:27 UTC

From: Ted Lemon <Ted.Lemon@nominum.com>
To: "<ietf@ietf.org>" <ietf@ietf.org>
Subject: Re: pgp signing in van
Date: Mon, 09 Sep 2013 21:27:08 +0000

On Sep 9, 2013, at 5:19 PM, David Morris <dwm@xpasc.com> wrote:
> On Mon, 9 Sep 2013, Ted Lemon wrote:
> 
>> It might be worth thinking about why ssh and ssl work so well, and PGP/GPG don't.
> 
> Umm, I question a conclusion that either ssh or ssl work well.

It's in widespread use. Hence, it works well. I agree that it could work better, but that's not what I mean by "work well." PGP/GPG are _not_ in widespread use, and it is in that sense that I am suggesting that they do not "work well."

Maybe a better way of putting it is that they are successful protocols, in the RFC 5218 sense. None of the issues you mention are protocol issues—they are all usability issues, and the reason they haven't been addressed is that the underlying mechanism works so well people do what they have to to overcome the usability issues.

None of which should be taken as discouragement for doing something about the usability issues, should you be willing to spend time on that.