Talk:Pretty Good Privacy
|This is the talk page for discussing improvements to the Pretty Good Privacy article.
This is not a forum for general discussion of the article's subject.
|This article is of interest to multiple WikiProjects.|
|Pretty Good Privacy is a former featured article candidate. Please view the links under Article milestones below to see why the nomination failed. For older candidates, please check the archive.|
|To-do list for Pretty Good Privacy:|
For something to have entered our "popular culture" - it is not enough for it to exist. We need verifiable reliable sources that specifically say something has entered our popular culture - that is, our public awareness. None of the items formerly listed in this section included any such indication. Hence these items were mere bits of trivial original research. By comparison, "Prada" has entered our popular culture not simply because a movie included the brand in its title but because numerous sources discussed this fact. Frankly, I doubt PGP has entered the realm of public awareness at all, let alone to the degree that a reliable source would actually publish an article about this fact. Rklawton (talk) 01:37, 17 June 2010 (UTC)
- That was a necessary and valid edit, backed with a sound argument that I shall probably steal for future use on other pages. Thanks! --Old Moonraker (talk) 05:35, 17 June 2010 (UTC)
- Your welcome. Sometimes I get lucky. Feel free to re-use as necessary. Rklawton (talk) 07:28, 17 June 2010 (UTC)
Examples of signed messages and public keys would be good
Isn't "it is thought to be the most widely chosen quality cryptographic system" an example of weasel words? The whole "some people say..." or "it is believed that..." is supposed to be a no-no, isn't it? Thomascameron (talk) 02:29, 26 April 2011 (UTC)
The section "Written in" in the infobox should say which programming language was used. Right now it mentions a list of human languages which is pretty amusing. —Preceding unsigned comment added by UrbanGrill (talk • contribs) 19:50, 9 May 2011 (UTC)
Thats my opinion too. I tried to edit the reference; but i'm not very expirienced in wikipedia. The edit button reveals only a refence to a reference list :-( — Preceding unsigned comment added by 126.96.36.199 (talk) 06:04, 20 October 2014 (UTC)
Speculation in secton Security quality
Speculations about the future, bordering to FUD: "Likewise, the secret key algorithm used in PGP version 2 was IDEA, which might, at some future time, be found to have a previously unsuspected cryptanalytic flaw. Specific instances of current PGP, or IDEA, insecurities—if they exist—are not publicly known." Is this relevant? Can hypothetical unknown future flaws be sourced today? (The two sentences was added 06:55, 16 October 2005 and 13:39, 25 October 2005 respectively) David A se (talk) 21:00, 6 October 2011 (UTC)
Prices are relevant
This article mentions many software systems, and many versions, but fails to state which are free and give approximate prices for those that are not free. Price is an important dimension for articles describing products that are sold or distributed. David Spector (user/talk) 19:02, 19 August 2012 (UTC)
Be advised -- this article's subject was mentioned on XKCD.com. Not in a way that mentions Wikipedia or seemingly invites vandalism, but that webcomic + wikipedia seems to be a recipe for it. Jsharpminor (talk) 05:45, 4 March 2013 (UTC)
Many people (usually computer programmers) have a "PGP key" (a huge block of hexagesimal code) and a "PGP fingerprint" (a line of hexagesimal code). They often post these on their websites. Could someone please explain in the article what these mean and what they are used for? Thanks! BigSteve (talk) 11:16, 14 July 2013 (UTC)
unclear for the unknowledgeable
I read this and don't understand how it works, the article needs to show step by step how it works. Like, where does one get a public or private key or both, and how do you get them to people you're sending info to? The intro paragraph and first section "design" are completely opaque to the non technical user. — Preceding unsigned comment added by 188.8.131.52 (talk) 15:36, 1 August 2014 (UTC)
I found this http://www.pgpi.org/doc/pgpintro/ to be much better than wikipedia to gain a basic understanding. Hope this info helps to improve wikipedia. — Preceding unsigned comment added by 184.108.40.206 (talk) 16:02, 1 August 2014 (UTC)
Symantec Encryption Desktop (former PGP Desktop)
The "PGP Corporation encryption applications" section mentions "Symantec Encryption Desktop" as the renamed follower of "PGP Desktop". However, it seems to me that this information is outdated already - "Symantec Encryption Desktop" seems to have been discontinued. The Symantec website only shows "Symantec Endpoint Encryption", which seems to be a full disk encryption only. If this were true, I think the article should reflect this. Kellerpm (talk) 10:46, 13 February 2015 (UTC)
The other side of the coin!
This article focus more on the upside of PGP and doesn't discuss the related issues/technical limitations that PGP has. This blogpost by Mr. Matthew Green highlights those issues well (which Mr. Bruce Schneier endorsed himself as well).
Therefore a separate section named 'PGP limitations' or 'PGP issues' describing the associated concerns with key exchange and management, no forward secrecy, downside of web-of-trust (few strong sets, ...), poor usability, lack of ubiquity etc should also be included.
This will duly help the readers in having a more balanced and fair understanding of PGP on the whole.
- I think this is a great idea. I also like the section name "PGP limitations" or something very close to it. Rklawton (talk) 17:59, 14 December 2016 (UTC)
- I agree; I just started the section with a small amount of content. Riceissa (talk) 03:49, 19 December 2016 (UTC)
Split article into PGP (software) and OpenPGP (standard)
OpenPGP is a hugely important standard with wide applications. I understand why this article may have begun as PGP and also talks about OpenPGP, but I think most people are coming to this page to learn about OpenPGP, its implementations, applications, limitations, etc, and are likely to be confused. The article as it now is poorly structured, and thinking about how ways to improve it is challenging when it really covers 2 separate areas. I propose moving OpenPGP to a separate article. 220.127.116.11 (talk) 03:46, 17 December 2017 (UTC)
It doesn't look like that link has been active in years, as Symantec took it down back in 2011 according to the Wayback Machine. Should this be noted on the page? Is there a better link at Symantec or elsewhere that should now be used? Indefensible (talk) 08:11, 1 January 2019 (UTC)
Criminal Investigation Controversy
I had an association with PGP so I am not editing the site. However, below is the note clearing Phil and dropping the investigation from William Keane, US Attorney. This note is public and not attorney client privileged. I would suggest some way this meaningful message (verbatim) gets worked into this section as it is an important part of PGP history and cryptography history:
Philip L. Dubois - "Yesterday morning, I received word from Assistant U.S. Attorney William Keane in San Jose, California, that the government's three-year investigation of Philip Zimmermann is over. Here is the text of Mr. Keane's letter to me":
"The U.S. Attorney's Office for the Northern District of California has decided that your client, Philip Zimmermann, will not be prosecuted in connection with the posting to USENET in June 1991 of the encryption program Pretty Good Privacy. The investigation is closed." PKIhistory (talk) 20:58, 26 August 2020 (UTC)