I’ve been using GPG to sign my e-mail for years, and encrypt it when the recipient will accept such messages (which is very rarely). I find it ridiculous that essentially everyone out there is doing the equivalent of sending e-mail postcards that anyone and everyone with access to any system along their delivery path can read, but it’s (just barely) understandable when you consider the background knowledge you need to use encryption tools properly.
That’s why I was very interested to hear about the STEED project a couple weeks ago. They’re aiming to fix the usability problems of the system, while preserving its proven strengths.
We’ll see how it goes, but I’m hopeful.
After they get it working on the desktop, they need to get that working on mobile phones and other devices…
Other than S/MIME on some platforms which is very unfriendly (my current phone can only do it if it uses an enterprise server, which my carrier doesn’t allow and most other carriers charge extra for), the only thing out there to do that is on Android, AGP, and even that is limited (no PGP/MIME), only a little less unfriendly, and requires that you use a third-party email program on top of the two ones (gmail and generic) your phone came with. (Albeit a good email program.) An increasing amount of people do lots of their email on mobile devices…
A good idea though, hope its the start of something big.
Oops, still putting in the old website in my entries.
Software is relatively easy to port, and I’m quite sure that the STEED project will have more in common with PGP/GPG than S/MIME, given the people working on it.
Yep, no doubt, considering that it’s being discussed on gpg-devel. 🙂