
GPG is awesome; GPG is terrible - hlieberman
https://blog.setec.io/2015/07/12/gpg-generation.html
======
eyeareque
I've seen a lot of how-to use PGP writeups, but I haven't found a single good
one that helps both Windows and Mac users (or Linux). And by good, I mean
something that walks the user through the process of securely creating a key,
protecting their private key, explaining the difference between a public key
and a private key, explaining how to PGP sign an email, PGP encrypt an email
properly, encrypt files, decrypt files, upload public keys to a key server (or
why you shouldn't), how to decrypt an email... and anything else you need to
know to not make any mistakes that would compromise yourself. PGP is great but
there are a lot of ways you can make a mistake.

I dream of a day when secure communications is simple and usable by all.

~~~
jandrese
The big huge thing GPG installs tend to gloss over is publishing your damn
key. It doesn't help that the online keystores tend to be poorly supported by
mail clients (why is it such a challenge to auto-lookup emails?), but the
alternative of mailing your key around so other people can use it is a joke.

If you want the masses using encrypted email the key distribution needs to be
as seamless as possible. Right now it is the opposite of that. Key management
in GPG is a straight up nightmare of dozens of keystores and downloading text
files and arcane commandlines. Public key distribution is the elephant in the
room with encrypted email. Well, that and the fact that so many people use
webmail now and all major webmail providers have completely given up on
encryption. I've even seen arguments that since Javascript can never be fully
trusted that webmail will never support encryption. Those arguments feel a bit
like the "if it can't be perfect it is useless" argument you see a lot in
crypto circles that keeps people using entirely unsafe technologies instead of
safer partial solutions.

------
donw
GPG has a massive "last mile" problem.

I suspect that people would gladly accept the ability to send and receive
encrypted, signed emails, but the hassle factor of getting set up is simply
too high.

~~~
hlieberman
Definitely true. Even if you have a properly set up key - which less than 50k
people possibly do - there's even a high maintenance cost of adding and
validating new contacts.

~~~
afarrell
I'm curious what you think of a project like
[https://keybase.io/](https://keybase.io/)

~~~
bojo
This site promptly had me returning back to GPG again when it first came out
and I got access to it. After a couple months the initial novelty of it all
wore off (yet again). It's a decent idea, but when even the tech people in
your circles can't be bothered with your encrypted emails it's a sign that we
need to stop fooling ourselves and move on to whatever the next idea is.

~~~
afarrell
In the ham radio community, they have days to practice sending messages to
other hams. Perhaps we should have something similar?

~~~
ytjohn
This is a good idea, we have Field day, SET exercises, and weekly nets. There
are always contests where hams rack up points by making contacts. We have
contests that are specific days (like field day), and standing awards like
"Worked All States" (you made a contact to someone in each of the 50 states).

In the computer tech world, we do rank ourselves. We post w3c validation
badges on our page, we run our sites through ssllabs.com for a security report
card. We work towards being an IPv6 Sage from he.net. So why not a GPG
contest? Keybase might be a good site to organize such things.

Generate a key and upload it to a keyserver is a basic level. Your key can be
graded based on bits (1024 vs 2048 vs 4096) and algorithm chosen. Send an
encrypted email awards more points. Send a signed message for more points.
Receive an encrypted message (and respond with the unencrypted text) is more
points. Receive 3 emails and reply to the one that is properly signed for more
points.

At some point in your journey you can start socializing. Advertise on your
blog/github/keybase/social media that you are participating in a gpg contact
contest. People can send you signed messages, you can send to them. You both
sign and forward the message to keybase, who uses the signature to validate
both of you exchanged messages with gpg. Keybase could even provide
uuid/tokens to hand out (encrypted) and further validate. The more gpg
contacts you accumulate, the higher your score. The "worked all states" from
ham radio could be an achievement in gpg contesting as well.

------
RKearney
Does anyone have a good source on what kind of keys I should make? Or what
ciphers I should enable on my key (is that the right terminology?)

Should I add a small thumbnail photo of myself in my key? Or is that generally
frowned upon?

Finally, are there good sources on how I would create a 4096 bit master key,
and then add a 2048 bit subkeys for signing and encryption that I can add to
my smart card which only allows for keys up to 2048? Would generating 2048
subkeys allow me to still decrypt gpg encrypted emails sent to me encrypted
with my 4096 bit master key?

Still trying to figure this all out after picking up some YubiKeys

~~~
hlieberman
The best document I've found for key generation (the one I turn to myself,
when my memory needs refreshing) is the one on Riseup:
[https://help.riseup.net/en/security/message-security/openpgp...](https://help.riseup.net/en/security/message-security/openpgp/best-practices).
If you follow that guide, you will get a
keypair that avoids the common pitfalls.

The photo question is an interesting one - some people frown on it, some
people like it. Personally, I lean towards not adding them, just because the
number of times I've actually checked it is so low (maybe once, ever.) That
being said, I don't think people feel so strongly that they'd refuse to use or
sign your key over it; they might just not sign that particular uid. (The
photo is stored the same way an alternate email is, basically.)

Properly setting up an offline subkey involves some rather archaic
incantations; even more so when you are burning them into a smart card.
Specifically, I would probably use some combination of the above instructions
(to get my gpg.conf into the correct state), and then something like this
guide:
[https://gist.github.com/abeluck/3383449](https://gist.github.com/abeluck/3383449)

Specifically, I would look for a guide that instructs you to have a master key
that is valid only for certification. I have a personal dislike for allowing
your "master" key to be used for encryption, because it incentivizes you to do
things that are not best-practice: specifically, using it. In the ideal world,
your master key is kept, encrypted, on one (or more) USB drives that are all
kept in various safes, and are never plugged into a computer that has an
internet connection. Bonus points if the computer isn't used for anything else
either. This is because your master key is the Thing That Must Not Be
Compromised -- or you need to revoke the entire key and can never use it
again. If a "working" subkey gets compromised, you can revoke it without
losing all of the certification effort you've put into validating your
identity in the web of trust.
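
Added example, not part of the comment above or of either linked guide: a Python check over `gpg --list-secret-keys --with-colons` output that tests for the layout described there (a certify-only primary key whose secret is absent from the working machine, plus signing and encryption subkeys that fit a 2048-bit smart card). The listing is constructed, the field positions are taken from GnuPG's doc/DETAILS, and the function name and messages are hypothetical.

```python
# Constructed sample of `gpg --list-secret-keys --with-colons` output
# (key IDs and card serial are made up, not from a real keyring).
SAMPLE = """\
sec:u:4096:1:AAAAAAAAAAAAAAAA:1436659200:::u:::cSE:::#:
uid:u::::1436659200::::Example User <user@example.org>:
ssb:u:2048:1:BBBBBBBBBBBBBBBB:1436659200::::::s:::D2760001240102000000000000010000:
ssb:u:2048:1:CCCCCCCCCCCCCCCC:1436659200::::::e:::D2760001240102000000000000010000:
"""


def audit_key_layout(listing, card_max_bits=2048):
    """Return findings for one key; an empty list means the layout matches.

    Assumed field meanings (GnuPG doc/DETAILS): 3 = key length, 5 = key ID,
    12 = capabilities, 15 = '#' for a stub, '+' for an on-disk secret,
    otherwise a card serial number.
    """
    findings, subkey_caps = [], set()
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] not in ("sec", "ssb") or len(f) < 15:
            continue
        bits, keyid, token = int(f[2]), f[4], f[14]
        # Uppercase letters on the primary summarise the whole key; skip them.
        caps = {c for c in f[11] if c.islower()}
        if f[0] == "sec":
            if caps != {"c"}:
                findings.append(f"primary {keyid}: capabilities {sorted(caps)}, expected certify only")
            if token != "#":
                findings.append(f"primary {keyid}: secret key is present on this machine")
        else:
            subkey_caps |= caps
            if bits > card_max_bits:
                findings.append(f"subkey {keyid}: {bits} bits exceeds card limit {card_max_bits}")
            if token in ("", "+", "#"):
                findings.append(f"subkey {keyid}: secret is not on a smart card")
    for need, name in (("s", "signing"), ("e", "encryption")):
        if need not in subkey_caps:
            findings.append(f"no {name} subkey found")
    return findings


if __name__ == "__main__":
    for finding in audit_key_layout(SAMPLE) or ["layout matches"]:
        print(finding)
```
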

------
sigsergv
GPG/PGP is a VERY hard tool, conceptually hard. Yes, you can run through these
“quick-starts” but they give you zero understanding what exactly you are
doing.

GPG requires a deep understanding of things it's based on: web of trust,
public key, private key, revocation key, keys repository structure etc. And
these things are really really hard.

~~~
tptacek
What's so hard about GPG? People say this all the time but don't qualify it.
Most people who use GPG don't use "web of trust", "revocation keys", or know
anything about "key repository structure". They generate a key, give it to
their peer, get a key back, and encrypt messages to each other.

It's not the easiest tool in the world, but it's not that much harder than,
say, using a nonstandard compression tool.

~~~
Tomte
Number one issue for common people: "I use webmail".

Another issue common people don't think about: How do you back up your key and
actually restore it in such a way that you can read your old mails again?

Oh, and how long was GpgOL not working for the current Outlook version?
Another big stone that lies in your way.

And I wish tech-savvy people would just "allow" the workflow you described
above.

I have encountered too many discussions where people got scared off, because
"the web of trust is the only acceptable way", and "check your government-
issued ID cards! Yes, even if he's your best friend since kindergarten and he
gave you the key in person!".

Nerds _love_ playing the key party game. They love calling some first-level
support and asking to recite the key's fingerprint. They love showing how
goddamn smart they are. And that puts everyone else off.

It's another expression of the "security is binary" mindset that also hinders
opportunistic encryption. Because there is something better we must not use
this.

Lose the web of trust (and "marginal trust" is something only techies can come
up with...), have a nice UI with only four or five buttons, make it work with
all Outlook versions and make it work with webmail (at least GMail) and you
may have a winner.

The last one is the big one and nearly impossible for anyone else, but Google
seems to be working on it (end-to-end for Chrome).

~~~
eropple
_> Number one issue for common people: "I use webmail"._

Which is actually two issues. One, the interface; there's a GPG thingy for
GMail, but it's kind of junk. Two, and no less important: _how do I search my
archive_?

(Did you just say "download it"? You lose. Did you just say "don't use
webmail"? You lose again.)

~~~
mingus68040
No, the webmail users lose because they have acclimated themselves to using a
dumb terminal system which makes full confidentiality at least an order of
magnitude more work to achieve. A user who is 100% unwilling to switch away
from webmail will accomplish that security goal with just as little success as
a steadfast fast-food patron pursuing a healthy-eating goal.

~~~
eropple
Yeah, sorry, that's not how this works. Y'see, you're sending emails to people
using webmail (I mean, if you're a nominally functional human being). So
_your_ emails are insecure, too, because you are insisting on something that
is fundamentally not compatible with how normal people use computers in 2015.

This is a community thing. You need to give to get them to give. And you're
not giving.

------
sufficient
If you are on Android, use OpenKeychain. We don't ask these questions.
Instead, we have a simple wizard guiding you through the process of creating a
key. We don't ask for the algorithms (RSA, DSA,...). We don't ask for User
IDs. We don't mention the words private or public key.

See [http://www.openkeychain.org/](http://www.openkeychain.org/)

------
Raed667
With plugins like enigmail on Thunderbird all this stuff is basically next-
next-save with best practices in mind.

If you can use Thunderbird I see no reason why you can't use GPG

~~~
Tomte
That's about how much market share? Less than a percent?

(I loved EnigMail, back when I was using it)

~~~
rockdoe
What's the point here?

If you want secure email then use an email client that doesn't suck at it?

(That said, the key management part of GPG doesn't become easier just because
you use Thunderbird)

~~~
Tomte
Most mail clients "don't suck" at secure email: S/MIME is readily available,
virtually everywhere.

Only because of some irrational dislike in the Open Source community do we
even have this discussion. Self-signed X.509 certificates would have done more
for the cause of "secure email" than all GnuPG advocacy ever did.

~~~
jandrese
Most mail clients suck in one very fundamental way: Importing someone's
published public key is a manual process, and usually a fairly obscure one.

Mail clients should automatically query keyservers for all of the addresses on
the TO: line and automatically import the keys they find. Instead they assume
you're going to pass keys around on USB sticks or some such nonsense and
import them into GPG by hand using some arcane syntax. It's ridiculous.

------
lisper
An alternative to GPG that is a lot easier to use (no options):

[https://github.com/Spark-Innovations/SC4](https://github.com/Spark-Innovations/SC4)

Runs in a browser. Modern crypto (elliptic curves instead of RSA). Audited
code. Open source.

~~~
lisper
Downvotes? Seriously? Why?

------
tikums
I would never have my private keys leave a smart card. I'd assume your PGP
private key on hard drive, located in your home directory no less, is as good
as compromised.

------
daryltucker
Take a look at this tutorial on setting up a proper GPG key:
[http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/](http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/)

------
wnoise
GPG is awful; GPG is terrific.

