In a cost-benefit analysis when dealing with someone who you will have to walk through the entire download, install, key generation, password selection, and any troubleshooting vs. simply ordering them to execute a Self-Decrypting Archive (SDA) for a single communication or otherwise seems to favor the SDA option. It’s more secure than a plain-text email, less secure than GnuPG’s full suite.

To claim it is “bad all around” fails to appreciate the nuances here. There are certainly instances when I’d rather send a rare sensitive communique to persons who would have no other use for encryption software. Asking them to install the full suite, generate a key, and password for one message seems beyond ridiculous.

Unfortunately, the SDA is the only solution I’ve stumbled upon. There is nothing else as simple out there. However, if you have that solution, _please_ share it because I’ve been searching for 2 weeks now.

You might argue that there are many means of bypassing the limited security SDA’s provide but that’s like arguing you shouldn’t use a simple doorknob lock because bank-vault doors are far more effective. An interested party still has to exert some effort to bypass a doorknob lock and most people aren’t capable of doing so (the vast majority of people can’t pick a lock) therefor we still use simple doorknob locks even though we know they won’t protect us from any hardcore attacks (just watch any horror movie).

In other words, most people won’t bother or can’t bypass a simple lock, the same could be said of SDA.

The problem is, of course, is some people who’d use an SDA may not understand the actual level of security they are getting but that is a whole other discussion.