Lack of PGP signatures

Timothy C. May tcmay at got.net
Wed Jul 3 14:36:27 PDT 1996


At 7:38 AM 7/3/96, Brad Shantz wrote:

>Once upon a time last year or the year before, Tim May posted why he
>doesn't use PGP very often.  And I have always stood by that same
>sentiment.  Yes, it is a good encryption product, but it is not
>integrated seamlessly into other applications.  Tim, feel free to
>whack me if you think I'm speaking for you.  If, as cypherpunks, we
>want to spread the use of strong crypto, we need to have a better
>interface than what currently exists on PGP 2.6.2.

You are correct in your memory of what I said. My message is somewhere in
the archives...but the archives are of course no longer very available.

I'll make a few brief points:

1. PGP and other crypto tools are not well-integrated into Eudora,
Microsoft Mail, cc:Mail (or whatever), Netscape mail, etc. Sure, various
tools exist, but not out-of-the-box. (Proof that crypto confusion has been
a successful strategy for U.S. authorities.)

2. For me, using PGP means using MacPGP. This means cutting-and-pasting and
extra work. (Given that I often delete messages after only glancing at them
for 5 seconds or less, any additional work is not welcome.)

3. Of course, I will only _decrypt_ messages sent to me personally, for
obvious reasons. And given that I am very open about my political views and
am neither a money launderer nor a conspirator, nor a Horsemen of any other
flavor, most of the PGP-encrypted messages sent to me are banal and PGP use
was unneeded.

(After doing the mumbo jumbo to decrypt a message, I get crap like "Yo,
Tim, just wanted to say that PGP is, like, really kewl. Send me some
encrypted stuff.")

And so on.

I use PGP when I think it is necessary. As to using it _routinely_, at
least signing routinely and checking signatures routinely, it can't be
routine until it is routine.

Why isn't mail in the major e-mail packages _automatically_ signed? Look to
them for answers. Look to the NSA for more answers. Look to Dorothy Denning
for an explanation of why obstacles need to be placed in the path of wider
use of crypto.

(Note to Mac users: before any of you wastes your time composing a message
to me about a new package that makes links to MacPGP through AppleEvents,
it turns out that one has to first install a tool that is only commercially
available, for $$$. Again, obstacles have been placed in the path of easy
and wide use of crypto.)

Finally, a comment. I've never really bought the argument that we should
all be using PGP in all of our messages to set some kind of example or to
provide cover traffic. We don't have to set any kind of example, in my
cosmology. And the "cover traffic" is amply provided by an exponential
increase in Web traffic, alternate routes, new services, etc.

I think crypto tools need to be made easier to use (without installing
additional commercial tools which cost more than the mail package itself),
but until then I will feel no guilt about not using PGP more than I do.

--Tim May

Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Licensed Ontologist         | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."










More information about the cypherpunks-legacy mailing list