[talk] How I stopped worrying, and learned to love GPG

Isaac (.ike) Levy ike at blackskyresearch.net
Sat Feb 21 20:23:13 EST 2015


On 02/21/15 20:02, Brian Callahan wrote:
> Hi Ike --
> 
> For reasons I can't figure out, Thunderbird has totally mangled
> your email so I'll reproduce the relevant parts here and reply.

I couldn't post about GPG without signing it, and enigmal/thunderbird
mangling it for you :)

> 
>> Who really trusts GPG these days?
> 
> I guess I do, by way of the fact that I keep myself running the
> latest GPG-modern (2.1.2 as of now). I'll be excited when more make
> it over to this side of the fence and I can start using my EC keys
> for real.

EC.  Rad.  The future.

> 
>> And, my last question- the *BSD world is filled with so many
>> impacting cryptographers, and some of the most prolific
>> security-minded programmers in the world.  Why are we all still
>> OK with this gnu-pg stuff, and all this RMS-ware?
> 
> tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I
> think it's in FreeBSD's ports tree. Code is here:
> https://github.com/tedu/reop Post about it:
> http://www.tedunangst.com/flak/post/reop With that said, I only
> know about it. Not used it. Would be interested in hearing Ted's
> thoughts on the current version of the code and future directions
> (but no idea if he's on this list or reads it).
> 
> ~Brian

I'd be very interested in hearing about users practical experiences
with 'reop'!

Yet, this OpenBSD key,
http://www.openbsd.org/advisories/pgpkey.txt

Appears to be created using,
http://www.pa.msu.edu/reference/pgp-readme-1st.html
"PGP 2.6.3i is not an official PGP version. It is based on the source
code for MIT PGP 2.6.2 (the latest official version of PGP) and has
been modified for international use."

Finding MIT PGP, appears to be a dead end,
http://web.mit.edu/network/pgp.html

Hrmph.

Best,
.ike





More information about the talk mailing list