On 21/07/13 13:32, Ben Finney wrote:
Adam Bolte <abolte@systemsaviour.com> writes:
Since I imagine a lot of people interested in free software would also be big on privacy, I would like to know what other people here think of the idea of leaving GPG encryption on by default. Does anyone practise it? Is there any good reason why we shouldn't?
I think it's a good idea: opportunistic encryption (when I'm sending a point-to-point message, e.g. email, and if it appears I can encrypt that message such that the other end can decrypt it, I should go ahead and do it without checking further) is a way to increase awareness of and proficiency with encryption.
What stops me, frequently, is key management. I am often sending messages (such as this one) composed and sent from a remote server which I share with several other people. I think it'd be poor security to have my GPG secret key stored there, where others with only a loose trust relationship have access to crack it if they choose.
That's a good point. If only there was some sort of good gpg-agent forwarding solution. I've seen various hacks, but nothing good enough to recommend.