Difference between revisions of "Talk:1553: Public Key"

Explain xkcd: It's 'cause you're dumb.
Jump to: navigation, search
Line 10: Line 10:
 
:The problem is, that there isn’t anything more “workable” at the moment. <small>BTW: 7CD1E35FD2A3A158</small>. --[[User:DaB.|DaB.]] ([[User talk:DaB.|talk]]) 11:27, 20 July 2015 (UTC)
 
:The problem is, that there isn’t anything more “workable” at the moment. <small>BTW: 7CD1E35FD2A3A158</small>. --[[User:DaB.|DaB.]] ([[User talk:DaB.|talk]]) 11:27, 20 July 2015 (UTC)
 
::Well, I don't want to solve the problem of front-end cryptography here, and this site won't either. But the comic appeared in a climate of a quite general consensus and acceptance of the failure of PGP/GPG, and not technically but because of social and usability reasons. This explanation letting out that is quite comically in itself. --[[Special:Contributions/108.162.254.190|108.162.254.190]] 13:12, 20 July 2015 (UTC)
 
::Well, I don't want to solve the problem of front-end cryptography here, and this site won't either. But the comic appeared in a climate of a quite general consensus and acceptance of the failure of PGP/GPG, and not technically but because of social and usability reasons. This explanation letting out that is quite comically in itself. --[[Special:Contributions/108.162.254.190|108.162.254.190]] 13:12, 20 July 2015 (UTC)
 +
:::The main problem of end-to-end email cryptography is serious lack of companies who would actually WANT to do it properly. Most companies are directly interrested in violating your privacy. Keeping hard-to-work-with PGP is in their benefit. -- [[User:Hkmaly|Hkmaly]] ([[User talk:Hkmaly|talk]]) 10:10, 21 July 2015 (UTC)
  
 
Remember Responsible Behavior? https://xkcd.com/364/ [[User:Xquestion|Xquestion]] ([[User talk:Xquestion|talk]]) 13:03, 20 July 2015 (UTC)
 
Remember Responsible Behavior? https://xkcd.com/364/ [[User:Xquestion|Xquestion]] ([[User talk:Xquestion|talk]]) 13:03, 20 July 2015 (UTC)

Revision as of 10:10, 21 July 2015

I'm assuming he's referring to the GPG/PGP Key. Basically you have a key pair, one private that you use to sign/encrypt and one public, which can be used to verify your private key was used to sign. See Wikipedia for more information. If you posted your private key, anyone could sign as if they were you. I sign pretty much everything (not to mailing lists though), but don't think I've seen anyone else ever do so, even those I know have keys. See 1181: PGP for more. 198.41.235.35 04:59, 20 July 2015 (UTC)

Don't believe everything certification authorities are telling you. X.509 SSL certificates works exactly same. Certificate is just a public key signed by certification authority. And yes, you can sign email with X.509 certificate. -- Hkmaly (talk) 09:54, 20 July 2015 (UTC)

This comic should be added to Category:Cryptography, but I'm not sure how to do that or whether I can do that. Nick818 (talk) 07:06, 20 July 2015 (UTC)

Nick818—Someone did this today, but for your future reference, you just need to add [[Category:Cryptography]] to the page that needs to be categorized. It's helpful and customary to add the code to the bottom of the page. Cheers, jameslucas (" " / +) 10:21, 20 July 2015 (UTC)

This explanation completely misses the point that the PGP workflow is fundamentally flawed which has been stated by more than one expert, e.g. famously last year by Matthew Green, leading to demands to "let it die" and be replaced by something workable. --108.162.254.190 11:21, 20 July 2015 (UTC)

The problem is, that there isn’t anything more “workable” at the moment. BTW: 7CD1E35FD2A3A158. --DaB. (talk) 11:27, 20 July 2015 (UTC)
Well, I don't want to solve the problem of front-end cryptography here, and this site won't either. But the comic appeared in a climate of a quite general consensus and acceptance of the failure of PGP/GPG, and not technically but because of social and usability reasons. This explanation letting out that is quite comically in itself. --108.162.254.190 13:12, 20 July 2015 (UTC)
The main problem of end-to-end email cryptography is serious lack of companies who would actually WANT to do it properly. Most companies are directly interrested in violating your privacy. Keeping hard-to-work-with PGP is in their benefit. -- Hkmaly (talk) 10:10, 21 July 2015 (UTC)

Remember Responsible Behavior? https://xkcd.com/364/ Xquestion (talk) 13:03, 20 July 2015 (UTC)

But did the author post his public key anywhere ? :v 141.101.104.166 17:29, 20 July 2015 (UTC)

Worth noting that posting his private key actually would be crowdsourcing his signing decisions, since anyone could do it. 108.162.221.102 04:57, 21 July 2015 (UTC)