Novel new use of PGP keysigning sessions
Ian BROWN
I.Brown at cs.ucl.ac.uk
Mon, 21 May 2001 10:36:03 +0100
Owen Lewis wrote:
>4. Key certification provides me with little of benefit where I wish to
>communicate secrets.
Indeed -- that's why it's called Pretty Good *Privacy*.
For the vast majority of people's day-to-day e-mails, they are not sending
secrets that could result in their imprisonment or other severe consequences.
Anyone who wanted to send such information to someone they could not trust to
use it appropriately would be rather loopy. Getting a trusted key for such a
person is the least of their difficulties.
Phil Zimmermann has said many times that PGP was written to increase the
general use of encryption. For protecting against passive eavesdropping
hoovers like Menwith Hill, even encryption using uncertified public keys is a
big step ahead of plaintext. The WoT adds an order of magnitude or two of
security, but still doesn't claim to be a perfect way to send the most sensitive
information to anyone on the planet with no security downsides. Many of the
"problems" people are claiming for it seem to stem from a belief that it does.