[KLUG Advocacy] PGP & Hushmail On NPR

[Bruce Smith]

> > "...When a user wishes to encrypt/decrypt data or verify/sign a 
> > signature, a connection is automatically made to a Hush Key Server to 
> > retrieve the necessary Public/Private Key..."
> > It would seem to be a bad practice to have a third party responsible for 
> > your Private/Public key pair -- even if they have a "secure" method.
> 
> Yep,  

Don't forget that the passphrase to your private key is secret to you.
If you pick a good one, anyone including hushmail, would have a hard
time decrypting your email.

 - BS