On Thu, 2008-01-17 at 07:05 -0800, chris# wrote: > > Server side GPG requires quite a bit of trust on the part of the user. > > *Especially* in the USA. The only way the user can ensure privacy is to > > do it on the client side. I would not want to promote a solution that > > hands the keys over to an email provider that can be ordered to intercept > > *and* not be allowed to notify the end user. > > I tend to think it is more a matter of using a mail host that you trust. As > in most > of the cases where I've used gpg/pgp, it was server-side. I mean really, if > you > can't trust them with your keys, why would you trust them with your mail?
because encryption is used for communication over un-trusted parties :) so one can use a provider which cannot be trusted to "tunnel" trusted emails. appart from that, i can clearly see the advantages of server-side encryption: - no need to mess with all browsers (no need for firegpg or more js) - might be faster (server may use compiled code and may have more power) - can be done in the background so you may continue to check mails - you do not need to carry your key arround with you and/or - you can encrypt mails on untrusted computers depending on the amount of work involved, i would let the user choose the way he wants to go ;) cheers, raoul -- ____________________________________________________________________ DI (FH) Raoul Bhatia M.Sc. email. [EMAIL PROTECTED] Technischer Leiter IPAX - Aloy Bhatia Hava OEG web. http://www.ipax.at Barawitzkagasse 10/2/2/11 email. [EMAIL PROTECTED] 1190 Wien tel. +43 1 3670030 FN 277995t HG Wien fax. +43 1 3670030 15 ____________________________________________________________________ _______________________________________________ List info: http://lists.roundcube.net/dev/
