Hacker News new | past | comments | ask | show | jobs | submit login

I think the assumption is that authentication is bare minimum for a secure messaging system, so "just don't sign" isn't really an option.



Well okay but he said "message encryption"; everyone is reading into that to mean authentication as well but I don't know why we should extend that understanding when a plain reading of his post implies a harsher critique of PGP encryption than warranted. It's also amusing how many people downvoted me for disagreeing with tptacek.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: