[cryptography] can the German government read PGP and ssh traffic?
pgut001 at cs.auckland.ac.nz
Sun Jun 10 12:25:22 EDT 2012
Thierry Moreau <thierry.moreau at connotech.com> writes:
>Would you extend the association to PGP usage?
Magical thinking works independently of technology, so I'm sure there's a lot
of it in the PGP world as well :-).
>Would you extend the association to Lotus Notes as another PKC user community
Notes is another matter entirely, it's never been subject to any independent
analysis or scrutiny, so there could be holes in there big enough to drive a
truck through (and from what I've both seen of other PKI implementations, and
of Notes in general, I'm pretty sure they'll be there). I'm not sure that an
application that can barely be trusted to get a piece of mail from A to B
correctly should be trusted to get its PKI right. But then that's another
In both cases though you need to look at it from the point of view of "is the
mechanism being employed appropriate for what's being secured" rather than "we
use PKCs, all security problems are solved".
More information about the cryptography