On Thu, Nov 5, 2015 at 10:35 PM, Dan Egli <[email protected]> wrote: > On Wednesday, November 4, 2015, Jonathan Duncan wrote: > >> I used to participate in the Web of Trust, before it died. Since then I > >> have not found much traction for signing my email messages. When I need to > >> pass messages securely I have found other alternatives. > > > > So you think the days of PGP/GPG are dead? I am not sure I could agree with > this idea. Although it's true that many people don't bother signing > messages with crypto keys anymore, I tend to still think there's some usage > for GPG and it's cousins, even in email. Part of the problem has always > been that people don't want to take the time to either manually sign the > message (which can be a pain) or setup a utility that will let them > automate it. If we could get past that laziness, I think there would be a > huge resurgence of interest in PGP/GPG.
Certainly not. PGP/GPG itself is not dead. It is used frequently and constantly for signing and encryption purposes. Most distros use PGP to sign and verify packages, is a great example of this. Jonathan was referring to PGP key signing (eg. it's Web of Trust) seems pretty dead. Only the very few hobbyists/activists still do keysigning. Consider participation at key signing parties compared to total parent event participation. Even among tech/security enthusiasts, it's not very interesting/important. We can debate the reasons most Web of Trust systems fail all day, and probably will. But it doesn't detract from the other capabilities of PGP, SSL, etc. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
