[Enigmail] Idea for improvement usability of sending to mixed groups of recipients (with gpg and without gpg support)

John Clizbe John at Mozilla-Enigmail.org
Sat May 24 19:34:35 PDT 2008 

Martin Maier wrote:
>> John Clizbe wrote:
>> The "feature" You desire is the scenario that makes Cryptanalyst's
>> either laugh or vomit; depending upon whose side You're on.  There is no
>> greater/easier way to 'crack' an Encryption method than having an
>> Encrypted copy side-by-side with the plaintext copy.
> Against a side-by-side copy a random block could inserted before encryption

I said no such thing. Those are John Moore's words.

>> John Clizbe wrote:
>> I am not interested in the technical aspects of 'hashing' being unique
>> to specific messages; to those of Us who were actively involved in
>> "debriefing" the Walkers Your desire makes the blood curdle.  If
>> everyone cannot Decrypt a message then send it "in the clear" and be
>> done with it!

Learn to quote! Again you attribute words to me that I did not write. Again you
quote John Moore and attribute it to me.

> If I understand you correctly, your opinion is that only experts should 
> have the right for email cryptography?

Umm, that's not what anyone has said. It would appear that you are trying your
best to attribute your own reading of the responses to others.

Email encryption is a privacy tool to keep the contents of a message *private*
between the sender and the recipient(s). Simultaneously sending the same message
in the clear makes the effort to keep the contents private worthless, thus no
need for an encrypted copy.

What others have said is that if you are so convinced of this mis-features
"value," then you must not fully understand the purpose of email encryption.

> What do you think are the reasons for seldom use of email encryption? We 
> should think more about improving this situation and open our mind and 
> look what can done for the normal users to make it easier for them (in a 
> safe way).

Google the paper "Why Johnny Can't Encrypt". It's still germaine.

What you are proposing is no solution. It's the kind of mistake that gets people
who depend on encryption for their lives killed.

>> Robert J. Hansen wrote:
>> From this use case, it appears clear that you do not understand the
>> purpose of Enigmail or of email cryptography.
> With this use case I tried to show a potential requirement of practice. 
> If a system doesn't support a safer solution for user requirements, then 
> the user tries it himself - but this is mostly the worst case. So find a 
> system controlled solution.

This is *NO* use case in using encryption that would *EVER* require the
simultaneous sending of both encrypted and plaintext copies of the same message.

This use case is bogus. The system solution is simple and binary - encrypt to
everyone or no one, there is no in-between.

-- 
John P. Clizbe                      Inet:   John (a) Mozilla-Enigmail.org
You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A
"what's the key to success?"        / "two words: good decisions."
"what's the key to good decisions?" /  "one word: experience."
"how do i get experience?"          / "two words: bad decisions."

"Just how do the residents of Haiku, Hawai'i hold conversations?"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 677 bytes
Desc: OpenPGP digital signature
Url : http://www.mozdev.org/pipermail/enigmail/attachments/20080524/b97f6a63/attachment.bin

More information about the Enigmail mailing list