Home arrow BrainDump arrow Page 2 - PGP and GPG: Email for the Practical Paranoid

A Textbook on Email - BrainDump

Cryptography is a difficult topic, but many people are interested in keeping their email communications private. Where can a "moderately skilled geek" find a good introduction that will teach them the practical skills? PGP & GPG: Email for the Practical Paranoid claims it can help. Quantum Skyline from our own Dev Hardware forums reviews the book.

  1. PGP and GPG: Email for the Practical Paranoid
  2. A Textbook on Email
  3. Details of Instruction
  4. Conclusion
By: Quantum Skyline
Rating: starstarstarstarstar / 4
May 30, 2007

print this article



PGP & GPG is laid out in an instructional format much like a textbook. It is intended to be read linearly.  Skipping chapters to get specific bits of information is likely to confuse the reader.  The first two chapters introduce the OpenPGP standard, PGP and GPG, and the differences between them before putting the reader through "Cryptography Kindergarten."  Following the introduction, Lucas takes the reader through installing PGP Corporation's PGP desktop client, GPG, and a Windows interface to it called WinPT.  When showing how to use or install the tools, Lucas devotes one chapter to PGP and GPG each, and Lucas reminds the reader to skip the chapters that are not useful for him- or herself. 

Following the discussion on installation, in chapters 5 through 7 Lucas explains the concepts behind the Web of Trust and how to manage public keys in the Web of Trust.  Chapters 8 through 10 talk about how to use the OpenPGP standard with commonly used email tools, and Lucas finishes the book with other considerations and caveats when using OpenPGP, as well as appendices on how to use the command line tools.

The introduction to PGP &GPG is rather enjoyable; Lucas does an excellent job of providing a summary of the history behind OpenPGP and Phil Zimmermann's story is quick and to the point. At the beginning of the first chapter, Lucas goes over common tasks that include public key cryptography and identifies what OpenPGP can do to address those tasks. His explanation of cryptographic terms is done at a high enough level that novices will understand the concepts, but those who are more familiar with cryptography may complain that he is skipping details in the book.

However, while Lucas did a good job of introducing and explaining the concepts and what OpenPGP provides, it seemed that he did not do an adequate job of motivating the case for why a regular user would begin using OpenPGP with their email.  The closest he gets to that kind of statement is when Lucas states that "non-repudiation alone makes it worth while to use OpenPGP" and gives examples of some extreme situations where OpenPGP is a good idea.  Given that the reader is not likely to be in a repressive country (although some would argue that this is where some western countries are heading), PGP & GPG does not specifically instruct the reader to evaluate his or her tolerance for risk and then decide what is appropriate.  For a book that reads like a how-to document, this is a critical step that was missed. 

>>> More BrainDump Articles          >>> More By Quantum Skyline

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Apple Founder Steve Jobs Dies
- Steve Jobs` Era at Apple Ends
- Google's Chrome Developer Tool Updated
- Google's Chrome 6 Browser Brings Speed to th...
- New Open Source Update Fedora 13 is Released...
- Install Linux with Knoppix
- iPad Developers Flock To SDK 3.2
- Managing a Linux Wireless Access Point
- Maintaining a Linux Wireless Access Point
- Securing a Linux Wireless Access Point
- Configuring a Linux Wireless Access Point
- Building a Linux Wireless Access Point
- Migrating Oracle to PostgreSQL with Enterpri...
- Demystifying SELinux on Kernel 2.6
- Yahoo and Microsoft Create Ad Partnership

Developer Shed Affiliates


Dev Shed Tutorial Topics: