[clue-tech] Some thoughts about GnuPG.

David L. Anselmi anselmi at anselmi.us
Sat Sep 4 20:14:37 MDT 2010


Jed S. Baer wrote:
> On Sat, 04 Sep 2010 17:32:31 -0600
> David L. Anselmi wrote:
>> (Not much different than the
>> current problem with identity theft, except that *you* are suffering
>> from the lack of care by *others*.)
>
> Yep, that's the problem. To say nothing of people carelessly forwarding
> things. I've noticed that the modus operandi of newcomers to electronic
> communication is to just forward stuff.

Hmm, so I meant that identity theft currently is a failure on someone else's part that you suffer 
from.  So allowing people to suffer from their own failures doesn't bother me so much.

If you mean that you'll suffer because they forward secrets you send them, encryption has never been 
a fix for that.  You want an NDA.

> Well, I was using 'complexity' as a proxy for entropy, which I admit I
> still don't really understand anyway, so maybe that was a bad thing to
> do. But it's possible for long keys to be less complex than shorter ones.
> At least the way I'm using the term. Suppose you use only capital letters
> in your phrase. A somewhat shorter phrase which uses mixed case,
> punctuation, numbers, and spaces, is better. I hope that made sense. ;-)

I understand what you mean.  Now that I think about it, it's obvious: shorter with more 
possibilities is exponentially (literally) harder to guess than longer with fewer possibilities.

Eventually people can't keep up and you have to let machines do it.  Where's my smart card?

Dave


More information about the clue-tech mailing list