Cunningham Law (backfired terribly)

Can someone please explain why PGP is needs all of these? All explanations of public key encryption mention any email embedded emails.

And I probably don’t completely understand what PGP is, so please give me a good article or video on it.

  • Em Adespoton
    link
    fedilink
    arrow-up
    1
    ·
    4 months ago

    Of course, I generated a PGP keypair back in 1993, stuck it on the MIT keyserver, and it’s there to this day… with a throwaway email address that no longer belongs to me and hopefully no longer exists. The good news for me is that younger me was thoughtful enough to use a pseudonym and non-identifying address, so while I’ve still got the private key around somewhere, it won’t be obvious to someone who steals the email address who that keypair belongs to… and only I have the private key.

    I also recall thinking the default algorithm and key length weren’t future proof so spent a good 12 hours generating something stronger, which I believe is still secure today.