| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 22 Apr 2018 09:08:36 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Pavel Machek <pavel@....cz>
Cc: Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Dan Williams <dan.j.williams@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Andrea Arcangeli <aarcange@...hat.com>,
Andrew Lutomirski <luto@...nel.org>,
Kees Cook <keescook@...gle.com>,
Tim Chen <tim.c.chen@...ux.intel.com>,
Al Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
"open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
Jonathan Corbet <corbet@....net>,
Mark Rutland <mark.rutland@....com>
Subject: Re: [PATCH] [v2] docs: clarify security-bugs disclosure policy
On Sun, Apr 22, 2018 at 3:00 AM, Pavel Machek <pavel@....cz> wrote:
>
> On Fri 2018-03-09 13:15:31, Linus Torvalds wrote:
>>
>> Oh, I don't want to be taken seriously by people who use gpg
>> encrypted email.
>
> Heh. I see that gpg has some usability problems, but we do encrypt our
> http connections, and email is at least as sensitive.
It's not about sensitivity.
It's about the technology actually *working*.
PGP does not work for email. Never has, never will. It's unusable
crap. Nobody sane uses it, because the cost is just too damn high.
Make it as easy to use as https, and things will change. As it is,
don't even bother.
Thomas helped me get S/MIME working, and even for that I had to fix an
alpine bug that caused alpine to SIGSEGV. And that's _convenient_
compared to pgp email. Whee.
Linus
Powered by blists - more mailing lists