|
|
|
|
|
|
by tptacek
4608 days ago
|
|
|
For two reasons: because it has a UX that hasn't changed meaningfully since the mid-1990s (GUI tools for GPG/PGP tend simply to wrap the command line UX), and because it presumes that the only reasonable way to use a tool like GPG is to exert fine-grained control over keys and identity. Email needs to be encrypted opportunistically, without user intervention. GPG could do this; it could generate semi-ephemeral keys as needed and use key continuity, like OTR, to figure out which keys were kosher for which addresses. Instead, GPG exposes to its users the metaphor of a "key ring" with different kinds of keys and key signatures. That model works for people like me, who use it to secure corp-to-corp communications where I have very specific and fussy requirements for whose keys I'm interacting with. But it doesn't work for end-users at all. Someone should write a secure-by-default email client that uses the OpenPGP message format and is compatible with GPG, but that ignores the intended GPG security model entirely. |
|
|
1. A UX that is... Hard. As you say. See the last few minutes of this talk I did: http://youtu.be/LjZk8PP-u3c
2. You can't PGP with webmail.
3. You can't PGP on mobile.
4. This means that unless you're on your desktop, you can't do things like search through older emails, which is really important.
5. It requires both people to use PGP.
I fully agree with your final sentiment. If I could fork myself, this is one of the things I'd be putting a ton of time into.