

Ask HN: Why don't you use PKS to sign your email? - Stubbs

What is it that stops most people from using GPG or a similar system to sign their email?<p>I know why your common or garden user might not, but I often wonder why, with sites like gpgtools or gpg4win that make install &#38; keygen simpler, more technical people haven't adopted PKS.<p>So, what stops you signing your emails?
======
karlshea
My reason is that I send mail from lots of different places like my iPhone,
Apple Mail on the desktop, Thunderbird on a Windows box, and the GMail web
client.

So synchronizing all of those with the right keys and signing software would
be either a pain or impossible (i.e. iPhone and GMail on the web).

And on top of it, I doubt more than 1% of the people I email would even know
what the signatures were, or would know something was up if an unsigned
message came through. Or would even bother to verify the signatures even if
they did know what it was.

Everyone you're mailing also has to have software installed to do the
verification. I've gotten signed emails before, and do I check to see if it's
legit? No. What would it even matter? Most of what I send over email isn't
anything security-worthy anyways.

~~~
Stubbs
Thanks for the reply, I'm gathering info for a project to see if I can't do
something about these kinds of things ... a huge task I know, but I feel i can
make a start in at least better educating people on what PKS is.

------
ammmir
not a big enough problem for most people. signatures should be built-in to
email, not a user-facing feature.

~~~
Stubbs
I agree, creating or importing keys should be done as part of the setup
wizard, alongside entering your email address & password.

