On Mon 15 August 2011 19:04:45 Dimitrios Bogiatzoules did opine
thusly:
> Anselm Lingnau said the following on 15.08.2011 18:13:
> > Dimitrios Bogiatzoules wrote:
> >> Maybe 1.5.2 could be used to introduce public key
> >> encryption...
>
> [...]
>
> > Do note that I'm all in favour of increasing awareness of
> > public-key encryption (and, in particular, the problems with
> > it) within the general user community. However, I do not think
> > this makes sense in the context of an introductory Linux exam.
>
> Still, it would be great if there was a way to transport the ideas
> of public/private key and the web of trust to an average user,
> since the MQC "Has a basic appreciation of system security,
> encryption and user/groups and file permissions." [MQC description,
> http://wiki.lpi.org/wiki/LinuxBasics#Minimally_Qualified_Candidate_D
> escription].
>
> I agree that this is not always easy and I must confess I have no
> idea how long a training for this programme would be or how a valid
> item would look alike, but it's still a draft ;-)
I can give some anecdotal evidence - training the average user in a
large (corporate) ISP takes about 8 hours to get them through
asymmetric and symmetric encryption (ssh and gpg keys)
The user profile is first and second level phone and mail support,
they need to ssh onto a Linux jumphost and thence telnet to Cisco
routers and answer customer queries. The have something of a technical
knack but by and large do not know *nix at all.
A monkey-see monkey-do approach using a wiki page with screenshot
telling them where to click inside PuTTY is about an hour of work but
results in someone who can connect but has no idea how and can
therefore not answer exam questions on the matter.
The simple truth is that encryption is hard. Really really hard, and
just as hard to teach. My experience is that it's a case of either
deal with it in depth, or keep it real simple ("don't mail the private
key around" simple)
--
alan dot mckinnon at gmail dot com
_______________________________________________
lpi-examdev mailing list
[email protected]
http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
