Re: [openpgp] OpenPGP private certification
ianG <iang@iang.org> Fri, 10 April 2015 17:25 UTC
Return-Path: <iang@iang.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AFF121A885B for <openpgp@ietfa.amsl.com>; Fri, 10 Apr 2015 10:25:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qJdc60n0RLlr for <openpgp@ietfa.amsl.com>; Fri, 10 Apr 2015 10:25:02 -0700 (PDT)
Received: from virulha.pair.com (virulha.pair.com [209.68.5.166]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DACA1A8833 for <openpgp@ietf.org>; Fri, 10 Apr 2015 10:25:02 -0700 (PDT)
Received: from tormenta.local (iang.org [209.197.106.187]) by virulha.pair.com (Postfix) with ESMTPSA id CBF576D78E; Fri, 10 Apr 2015 13:25:00 -0400 (EDT)
Message-ID: <5528076B.4040302@iang.org>
Date: Fri, 10 Apr 2015 18:24:59 +0100
From: ianG <iang@iang.org>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: openpgp@ietf.org
References: <CAA7UWsUz65C0GAQo8Yf7ZOeT9BYy+NLV5pbbPg+Ok0-72ca1eA@mail.gmail.com> <1427243451.10191.375.camel@scientia.net> <5512F137.80702@iang.org> <CAHBU6isgirHnx+gHP+OiHuvhzD+1OTCShCHEkhWcqEmUn9qnzQ@mail.gmail.com> <CAMm+LwiXKf1DvgbHaZoJnKdCVbak-jderv6Z8KDs9xPEbUuYQQ@mail.gmail.com> <1427343948.23692.14.camel@scientia.net> <CAMm+Lwi5bVTujuazTXw7oRty7n5RtsObEfNrJzmbtPiOb-X25g@mail.gmail.com> <m27fu3fsom.fsf@usma1mc-0csx92.kendall.corp.akamai.com> <CAMm+LwjBuZfP4NwRCy23_d9eRtcfUiLKdyZOu+jYT72HfB0g9g@mail.gmail.com> <87vbhlt8tg.fsf@alice.fifthhorseman.net> <CAMm+Lwjo5eyCHNahqWcwUBoaevCw2s3WAeq-2=maW=JEpCFWxA@mail.gmail.com> <sjmvbheioxv.fsf@securerf.ihtfp.org> <CAMm+Lwi4zsnQoX0R0CRbmDceLKi8B3ipHnBvSqNgo8FA8UYh3w@mail.gmail.com> <87mw2i28nr.fsf@vigenere.g10code.de> <CAMm+Lwief440=CdrQrjma1qrFHJYKTZAM5gZ1N9mMVikFvDzSw@mail.gmail.com> <1428498695.5137.17.camel@scientia.net> <CAMm+Lwjq3He8tHRWCOq7gLcps-Zor-m-hk0sMcdbjfKout-nBg@mail.gmail.com> <1428500028.5137.26.camel@scientia.net>
In-Reply-To: <1428500028.5137.26.camel@scientia.net>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/aeD1qy_KyMq5TN-PDhaFjenFyrM>
Subject: Re: [openpgp] OpenPGP private certification
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Apr 2015 17:25:03 -0000
On 8/04/2015 14:33 pm, Christoph Anton Mitterer wrote: > On Wed, 2015-04-08 at 09:23 -0400, Phillip Hallam-Baker wrote: >>> Crypto is not an iPhone. >> Mine is. > Believing that you're secure with a proprietary driven system, from a > company which is known to have worked with mass surveillance > organisation (and if it's just because they were forced so by law), is > naive - at best. No, it's security modelling. It all depends on what the business model is, which defines the threats that one has to deal with. There are plenty of people out there that don't care about the mass surveillance and there are plenty of people in here who do care about it. The reason that people out there don't care about mass surveillance is because they (a) don't see the harm or (b) have bigger harms to worry about. Sometimes valid reasons, sometimes not. We have to remember that the old CIA was something that was taught to us back in the 1990s out of military models. E.g., it made sense to consider the MITM as a big commsec threat when our only experience was MITMs in aggressive military actions -- armies against armies. But the Internet was different, we had different threat actors, different values under protection, and different incentives. There are probably more people out there that don't want authentication than do, or more precisely they want nymity. Canonically, recall all the people (eg) Manning who were caught over the net, and had recorded chat sessions used as evidence against. Having unattributable, untraceable content is actually a goal for many. And things like twitter show how confidentiality isn't really the thing, but they still put everything over the HTTPS so that at least the passive surveillance is turned into active surveillance. etc etc. Your enemy may be the NSA. But for most people most of the time, it's others: aggressive ex-spouses, parents who spy, business partners stealing money, teenagers getting into trouble with photos, etc etc. iang ps; And to echo Phil, my crypto is iPhone too - end-to-end secure payments systems. 'cept, Java only runs on Android ;)
- Re: [openpgp] New encryption formats for messaging Christoph Anton Mitterer
- Re: [openpgp] New encryption formats for messaging ianG
- Re: [openpgp] New encryption formats for messaging Christoph Anton Mitterer
- Re: [openpgp] New encryption formats for messaging ianG
- Re: [openpgp] New encryption formats for messaging Christoph Anton Mitterer
- [openpgp] Manifesto - who is the new OpenPGP for? ianG
- Re: [openpgp] Manifesto - who is the new OpenPGP … Christoph Anton Mitterer
- Re: [openpgp] Manifesto - who is the new OpenPGP … Phillip Hallam-Baker
- Re: [openpgp] Manifesto - who is the new OpenPGP … Falcon Darkstar Momot
- Re: [openpgp] Manifesto - who is the new OpenPGP … Werner Koch
- Re: [openpgp] Manifesto - who is the new OpenPGP … Stephen Paul Weber
- Re: [openpgp] Manifesto - who is the new OpenPGP … Stephen Paul Weber
- Re: [openpgp] Manifesto - who is the new OpenPGP … Wyllys Ingersoll
- Re: [openpgp] Manifesto - who is the new OpenPGP … Clint Adams
- Re: [openpgp] Manifesto - who is the new OpenPGP … Phillip Hallam-Baker
- Re: [openpgp] Manifesto - who is the new OpenPGP … ianG
- Re: [openpgp] Manifesto - who is the new OpenPGP … ianG
- Re: [openpgp] Manifesto - who is the new OpenPGP … Tim Bray
- Re: [openpgp] Manifesto - who is the new OpenPGP … Phillip Hallam-Baker
- Re: [openpgp] Manifesto - who is the new OpenPGP … Christoph Anton Mitterer
- Re: [openpgp] Manifesto - who is the new OpenPGP … John Kreznar
- Re: [openpgp] Manifesto - who is the new OpenPGP … Werner Koch
- Re: [openpgp] Manifesto - who is the new OpenPGP … Phillip Hallam-Baker
- Re: [openpgp] Manifesto - who is the new OpenPGP … Brian Sniffen
- Re: [openpgp] Manifesto - who is the new OpenPGP … Bill Frantz
- Re: [openpgp] Manifesto - who is the new OpenPGP … Phillip Hallam-Baker
- Re: [openpgp] Manifesto - who is the new OpenPGP … Christoph Anton Mitterer
- Re: [openpgp] Manifesto - who is the new OpenPGP … Christoph Anton Mitterer
- [openpgp] OpenPGP private certification [was: Re:… Daniel Kahn Gillmor
- Re: [openpgp] OpenPGP private certification [was:… Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification [was:… Daniel Kahn Gillmor
- Re: [openpgp] OpenPGP private certification [was:… Phillip Hallam-Baker
- [openpgp] public logging of e-mail certificates [… Daniel Kahn Gillmor
- Re: [openpgp] public logging of e-mail certificat… Phillip Hallam-Baker
- Re: [openpgp] public logging of e-mail certificat… Daniel Kahn Gillmor
- Re: [openpgp] public logging of e-mail certificat… Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification [was:… Derek Atkins
- Re: [openpgp] public logging of e-mail certificat… Brian Sniffen
- Re: [openpgp] OpenPGP private certification [was:… Phillip Hallam-Baker
- Re: [openpgp] public logging of e-mail certificat… Phillip Hallam-Baker
- Re: [openpgp] Manifesto - who is the new OpenPGP … ianG
- Re: [openpgp] OpenPGP private certification Werner Koch
- Re: [openpgp] OpenPGP private certification Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification Christoph Anton Mitterer
- Re: [openpgp] OpenPGP private certification Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification Christoph Anton Mitterer
- Re: [openpgp] OpenPGP private certification Werner Koch
- Re: [openpgp] OpenPGP private certification Derek Atkins
- Re: [openpgp] OpenPGP private certification Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification Christoph Anton Mitterer
- Re: [openpgp] OpenPGP private certification Christoph Anton Mitterer
- Re: [openpgp] OpenPGP private certification Phillip Hallam-Baker
- Re: [openpgp] OpenPGP private certification Christoph Anton Mitterer
- Re: [openpgp] OpenPGP private certification Werner Koch
- Re: [openpgp] OpenPGP private certification ianG
- Re: [openpgp] OpenPGP private certification [was:… ianG
- Re: [openpgp] public logging of e-mail certificat… Phillip Hallam-Baker
- Re: [openpgp] public logging of e-mail certificat… ianG
- [openpgp] New encryption formats for messaging David Leon Gil
- Re: [openpgp] OpenPGP private certification Ben McGinnes