Wikileaks Sidesteps Publishing Public PGP Key

An anonymous reader writes "Repeated requests toward the Wikileaks staff regarding their use of PGP have gone unanswered. The current public PGP key posted has been expired since November 2nd, 2007. A response on their PGP talk page notes that the 'SSL based mail submission system' will be the secure online method of document submission. At the current time, there is no method to safely encrypt any postal communications with Wikileaks or verify that any given communication actually originated from a Wikileaks staff member." Doubtless there are some complicating factors here -- but what is the best way to keep a confidentiality-centric site like Wikileaks trustworthy?

Whoo boy

[iminplaya]

Generally we recommend against using PGP in its simplest form, since the traffic is easily detected and provides proof of intention to conceal, which depending on the context may pose a significant difficulty. - emph mine

Gut reaction to that statement makes me feel a bit queasy.

Re:I wish the world would use GPG more

[kestasjk]

Not easy enough though; why isn't it automatic? Why isn't it just a basic part of e-mail by now? How can Flash and JavaScript in e-mail be supported but not encryption?

Reading between the lines

[Anonymous Coward]

hmm.. no encryption and no answers. I smell an FBI national security letter and gag order.

Re:Reading between the lines

[number11]

no encryption and no answers. I smell an FBI national security letter and gag order.

And why should wikileaks care about that? The domain is registered to an address in Kenya, and the web server appears to be in Sweden.