[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] searching for beta users

From: Dmitry Yu Okunev (
Subject: Re: [Sks-devel] searching for beta users
Date: Mon, 09 Dec 2013 16:31:03 +0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130623 Thunderbird/17.0.7

On 12/09/2013 04:20 PM, Frank Villaro-Dixon wrote:
> On 13-12-09 12:56:09, Stephan Seitz, wrote 2.6K characters saying:
>> Hi there,
> Hi,
>> Am Samstag, den 07.12.2013, 13:27 +0100 schrieb PGP Key Admin:
>>> We love PGP! :-)
>> so I do. But, why are you going to use it in such a ummm grotesque
>> flavour?
>> If one's using that service he/she has to trust your service and
>> toolchain. It's completele breaking any ideas of end-to-end encryption.
>> More worse, any enduser without deeper knowledge of pgp or encryption at
>> all will be misguided and could think his communication be secured.
>> Indeed it isn't.
> I'm of the same opinion as Stephan. Even if this service is maybe good
> as-is, it could easily mislead the user into thinking that what he does
> is secure. The user doesn't know that the message has been encrypted
> with the end-user's key, and not with a MITM one. It may do more harm
> than good; IDK, just an opinion.

This can easily fixed with appropriate warning-message on the page. I
personally don't see any problems here.

I don't like that server's backend is closed. I want to see the source
code of this resource, but opened is only pgp JS-lib.

> Also, I hope you're not running an "open-relay" server, and that you
> have some kind of mail-sending policy ;).

Good point. Very interesting to understand how this server protected
from relaying of junk mail :)

>>> We would like to make PGP as usable as possible for everyone.
>>> With you can send encrypted messages to PGP users
>>> and you can receive encrypted messages from non-PGP users. We are
>>> using client side encryption and we can't decrypt the message.
>>> How does it work? When your public key is added to a sks keyserver
>>> just open the link:
>>> Many thanks in advance for your feedback.
>>> Jan

Best regards, Dmitry,
head of UNIX-tech department NRNU MEPhI,
tel. 8 (495) 788-56-99, add. 8255

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]