Hacker News new | past | comments | ask | show | jobs | submit login

GPGMail is not quite Grandmother ready

My little company is working on an encrypted email solution that is--http://parley.co will be entering pre-beta next week :)




Since you seem to server your site (parley.co) over https, you might want to accept signups over https as well -- it's a little disconcerting to get a warning message of information being posted in the clear from a page that is all about making it easier to communicate securely online:

    <form action="http://parley.us6.list-manage.com/subscribe/post?u=NN&amp;id=NN" method="post"
Other than that it'll be interesting to see your implementation -- I've been considering the idea of key storage for a while, and I also think so long smart cards aren't ubiquitous (and usable with all clients, such as phones as well as PCs) -- pass-phrases is unfortunately as good as it gets.

It's unfortunate, because anything based on shared secretes (directly) makes key revocation tricky.


Thanks for the heads up! We just set up SSL for the main site, and obviously missed a few things--I'll fix that right now.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: