Peter Kretzman writes: | I have no idea if these numbers correlate well to actual PGP use | (these are, after all, just the people who are activist enough to | post their key on the public key server, which also requires some | degree of Internet connectivity). If the numbers DO correlate to | some degree, I thought it was interesting that they appear to show a | recent decline in usage rather than a steady ramp-up. Is the trend | toward universal crypto slacking off? I doubt it. It took me a while to get comfortable enough with PGP that I bothered sending in my key. I generated it in December, mailed it to a server in February. Mailing keys to servers is convienent, but only if you're connected to a web of introducers. Since I'm not, only one person has signed by key, and I his, preperatory to some useful work with PGP. So there really isn't much point to my sending a key to a keyserver, since, by and large, none of you know who I am. Admittedly, I could sign all my (2) messages to the list, and start to gain a reputation connected strongly to a key, but I don't think many people care if my messages are from me, because I am (effectively) annonymous. None of you (with a few exceptions) know me, or who I am. Whoever posts under my name could be me for all you care. If I was Mitch Kapor, then I might sign messages to ensure clarity of identity. Since the worst any message claiming to be from me would do is make me look silly, I don't bother to sign them. When I use PGP to confirm an identity, I exchange keys & then fingerprint over the phone. Since I don't know any of you, I don't have reason to get your keys, nor throw give mine to a server. So, I think that using the keyservers as a gauge of the popularity of PGP is not a good idea. Adam -- Adam Shostack adam@bwh.harvard.edu Politics. From the greek "poly," meaning many, and ticks, a small, annoying bloodsucker.