[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: end-to-end encryption? SSL? GnuPG?
I agree that your idea of using GnuPG for everything is excellent. The IM
client PSI is only one of many IM programs who now support using GnuPG for
chatting. I agree that websites serving pages using GnuPG and Firefox - and
every other browser out there - supporting it. I agree the idea is excellent,
but .. I seriously doubt GnuPG will replace SSL - ever. But .. I agree it's a
In fact SSL won't be replaced. It will be used together with GPG. SSL is
for preventing different type of attack - preventing eavesdropper
between you and webserver. It is a standardized and widespread solution
so there is no need to abandon it. But it dose not solve the problem of
webmail stored on a webserver.
In fact - if I want to use GPG via webmail, I can't do this in an easy
way. Or I have my keys stored on a webmail server (which is obviously
bad), or I copy GPG'ed text to clipdoard decrypt it and copy it back.
And of course - there is no widespread platform for this. I have to
install GPG. While for using SSL I don't need to install anything.
And there is not just a question of webmail. You can GPG other things on
the web. USENET, blog records, have a database with encrypted content
which is decpryted locally, etc.