On 18/02/2015 10:32 am, Ryan Carboni wrote:
Can't trust anything, except the mail.
Only solution: personally encrypt messages by hand, using computers and
GPG only for transmitting master keys if the keys cannot be delivered in
person.
https://en.wikipedia.org/wiki/PGP_word_list
Wow. I never even knew that existed!
Is there any experience of of the word list in use? Any research?
On the face of it, it would make things a lot easier for ordinary people
to share that hex stuff when doing known key exchanges.
An observation: calling it the PGP word list is just boring. It needs
an exciting name that gets people looking it up out of curiosity.
For my own experiences: with mobile we went through various
incarnations to transfer small keys (not share known keys) and settled
finally on a 4 * 26 character alphabet code. The reason for this was
that most small phones have a switch from numbers to letters, so are
really clunky. And letters are bigger than numbers, so stick with letters.
On the initiating phone it prints the code in huge letters and
underneath the phonetics in smaller type.
iang
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
