tag:blogger.com,1999:blog-4136576136384847049.post3355932913291181004..comments2023-09-29T13:01:13.801+02:00Comments on Thomas' blog: GSoC idea 2: Improved (more elegant) keygeneration in KMail/KleopatraThomas Thymhttp://www.blogger.com/profile/11125935795800650270noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-4136576136384847049.post-13985416283451968912011-02-24T11:27:27.055+01:002011-02-24T11:27:27.055+01:00I think, there should exist identity-key relation....I think, there should exist identity-key relation. Each identity can have on key and many keys could been assembled to many identities.<br /><br />Identities would be:<br />Default e-mail address, sign, key to crypt and digital sign e-mail.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4136576136384847049.post-41059825140925181622011-02-23T16:00:02.343+01:002011-02-23T16:00:02.343+01:00@Fri13: Ups. I haven't checked the brainstorm ...@Fri13: Ups. I haven't checked the brainstorm forum. But I am a little bit sad to hear the response. Hopefully more people (esp. developers) will see the possibilities we gain with a even easier encryption handling. A GSoC would be really rocking!Thomas Thym (ungethym)https://www.blogger.com/profile/09116807907551355761noreply@blogger.comtag:blogger.com,1999:blog-4136576136384847049.post-91915941888705750142011-02-23T15:56:15.980+01:002011-02-23T15:56:15.980+01:00@malte: Nice ideas.
The security level (use same...@malte: Nice ideas. <br /><br />The security level (use same pwds) of the passwords surely could be discussed. Perhaps it could be integrated into kwallet or something to make it simpler if you want to.<br />(I am not sure if more people use email encryption or disk-encryption. Both would be big numbers.)Thomas Thym (ungethym)https://www.blogger.com/profile/09116807907551355761noreply@blogger.comtag:blogger.com,1999:blog-4136576136384847049.post-77372598347936164662011-02-22T22:21:09.227+01:002011-02-22T22:21:09.227+01:00There were(is?) a wish on kde brainstorming forum ...There were(is?) a wish on kde brainstorming forum about this.<br /><br />And it was shot down as the result was that the current email/file encryption and decryption is already easy.<br /><br />I argued same thing as you did that it is too difficult<br /><br />It really should be easy as just first giving a new password for the encryption email address and other needed information and then encrypting files or emails should be easy as drag'n'dropping files or copy-paste them. <br /><br />You nailed the point directly... The encrypting is very old technology and very rarely used. I do not know anyone else than me from my friends or family who use it on their own computers (non-corporation setups). And among them all, I know only one who has very secure encryption on his work laptop, but he works on IBM networking and they have this fancy fingerprint+PIN encryption key on their keychain what is needed to open first to get 16 letter code from it to open company own networks/emails etc.<br /><br />I really would argue that KDE SC needs a application what makes encrypting/decrypting very easy, with very standard/wide used technology what is possible to use anywhere.<br /><br />I think that we need very nice wizard to generate a:<br /><br />PGP key for files/emails<br />SSH key for remote connections<br />XYZ key for XYZ<br /><br />It really should be such that it does not use the same password what user use for own personal account. Every password really should be different, that is the corner stone of the security. At homes, it really is not so bad that the password is written to piece of paper under the keyboard, as the mostly data capture is really happening at network.Fri13https://www.blogger.com/profile/00914958546817888010noreply@blogger.comtag:blogger.com,1999:blog-4136576136384847049.post-23930915972421990902011-02-22T10:19:24.952+01:002011-02-22T10:19:24.952+01:00What about making it as easy as just asking the us...What about making it as easy as just asking the user "Do you want to send the emails encrypted?", maybe with the options "when possible" and "always" and if answered "yes" generating a key from the users login-settings.<br /><br />I know it's crazy to use the same password for login, disk-encryption (as is automatically done by some distributions) and email-encryption, but since many users wouldn't bother the tiniest bit, this may have a huge impact on a macroscopic scale.<br /><br />Another point to make it as hassle-free as possible would be to only encrypt, if it can be determined that the other side can decrypt the message, which could be done e.g. by looking up the recipient on public key-servers, looking in the "Client"-part of the mail or figuring out if the mail-provider has some means of encryption (web.de enables you to use S/MIME for example).maltehttps://www.blogger.com/profile/07202545661371451159noreply@blogger.com