Adam Bolte <>

> Since I imagine a lot of people interested in free software would also
> be big on privacy, I would like to know what other people here think
> of the idea of leaving GPG encryption on by default. Does anyone
> practise it? Is there any good reason why we shouldn't?

I think it's a good idea: opportunistic encryption (when I'm sending a
point-to-point message, e.g. email, and if it appears I can encrypt that
message such that the other end can decrypt it, I should go ahead and do
it without checking further) is a way to increase awareness of and
proficiency with encryption.

What stops me, frequently, is key management. I am often sending
messages (such as this one) composed and sent from a remote server which
I share with several other people. I think it'd be poor security to have
my GPG secret key stored there, where others with only a loose trust
relationship have access to crack it if they choose.

 \              “When cryptography is outlawed, bayl bhgynjf jvyy unir |
  `\                                              cevinpl.” —Anonymous |
_o__)                                                                  |
Ben Finney

Free-software-melb mailing list

Free Software Melbourne home page:

Reply via email to