Re: [Sks-devel] offtopic: encrypt.to

[Gabor Kiss]

Dear David,

> These are the same problems that are always present. First, there's
> the usability versus function (and it is really sad that these have
> become opposite poles), and second, there's the competence to audit
> code, which is probably an issue for an even greater number of people
> than the usability.

You are absolutely right.

> Inevitably, we rely on each other because we can't do everything
> ourselves. So the questions reduce to 1) do we want wider scale
> adoption of encryption (my answer is yes), 2) do those of us who have
> the competence (not me) audit code (I think they will do so for their
> own reasons), and 3) will they share their results (I thought this was
> the idea of open source)?

Mostly I agree.
But we must not give up the right to thinking and scepticism.

I can imagine that next week someone set up a similar service
on his own site, next month three other guys do the same etc.
Sending encrypted mail via someone else's infrastructure will
be more popular than M$ Vindoze. :-)
Guess how much time passes until Oscar slightly modifies the code
on his site in order to open a backdoor for Eve/NSA/mafia?
Who the heck will check the Javascript at every turn?

I don't think this is the way of future.

This practice is dangerous as much as uneducated peoples
sign public key of everybody without checking their identity.

Regards

Gabor
-- 
Wenn ist das Nunstück git und Slotermeyer?
Ja! ... Beiherhund das Oder die Flipperwaldt gersput.