why pgp sucks
Al Thompson
alt at iquest.net
Fri Feb 10 23:27:57 PST 1995
>"Perry E. Metzger" <perry at imsi.com> writes:
>>I'll also note, yet again, that unless PGP quits this bad practice of
>>identifying counterparties only by a number, it is NOT going to be
>>universally deployed. Counterparties need to be identified by a name
>>that can be looked up in the DNS -- meaning "joe at foo.com" rather than
>>some key ident number.
>
>PGP of course looks up keys by strings in addition to numbers. A widely
>accepted practice is to use <joe at foo.com> in the user ID which allows the
>lookups to be by internet address. PGP was intended for use beyond the
>internet, such as in bbs's, fidonet, corporate networks, etc., where DNS
>style addresses may not be useful.
I would prefer that PGP would not give out ANY info about addressees. It
would seem to me that it is quite a security breach to have PGP dutifully
tell you to whom it is addressed.
************************************************************
* Just your basic signature block *
* *
* Al Thompson *
* Fidonet 1:231/110 *
* alt at iquest.net *
************************************************************
More information about the cypherpunks-legacy
mailing list