why pgp sucks

Matt Blaze mab at crypto.com
Fri Feb 10 14:31:27 PST 1995



>Doesn't having some kind of central record of keys go against
>the principle of PGP?  

The only "principle" of which I'm aware (and particularly interested
in supporting) is that of having widely fielded, useful and strong
privacy and authentication tools that work properly and transparently.
That means, among a great many other things, flexible protocols
and tools that support remote key distribution services.

As much as people want to believe that privacy can be reduced to
some kind of romantic struggle between the evil forces of Centralization
(PEM?) and the civilizing forces of Anarchy (PGP?), the world most
of us live in is a lot more complex than that.

More seriously, the problem that Perry brought up is that it's hard
to deploy any kind of scalable key distribution infrastructure
that works with PGP (as it currently exists - and yes, I realize
there are work-arounds for some specific situations).  That, as well
as other shortcomings (like its fixed trust/certification model)
that work against its serious use, make it doubtful that PGP 2.x
has much long-term future as anything other than a plaything for
nerds like us.  Hopefully, PGP and other good tools will evolve to
work well on a larger scale before Microsoft has a chance to give
everyone what _it_ thinks the world needs.

(I'm not trying to attack anyone here, by the way - part of the
problem is that we're just now learning what the privacy problems
of the real world even _are_.  Experimental tools like PGP are
important as much for providing experience and exposing problems
and limitations as they are for their immediate function.  Indeed,
the fact that PGP and PEM are as useful as they are may actually
work _against_ the spread of really large-scale crypto tools; the
people who they are aimed at stay happy while the rest of the world
never finds out what it's missing.)

-matt





