[messaging] On Signed-Only Mails
trevp at trevp.net
Sat Dec 3 09:35:23 PST 2016
On Sat, Dec 3, 2016 at 8:52 AM, Daniel McCarney <daniel at binaryparadox.net>
> On 29/11, Vincent Breitmoser wrote:
>> In short, my conclusion so far is that signed-only mails are very rarely
>> useful, they are holding OpenPGP back as a solution for encrypted e-mail,
>> and in the interest of usability we should not roll them out in email
>> crypto solutions on equal terms with encryption.
> It does seem like other parts of the community haven't reached the same
> conclusion. In particular I noticed today that the "Much easier Email
> Crypto, by fetching pubkey via HTTPS" proposal from the GnuPG folks will
> by-default will sign all outgoing mail as a signalling mechanism:
AFAICT the purpose of signed-only emails in  is only to signal OpenPGP
support to recipients, who would look up the sender's public key through
some other mechanism. So the signature doesn't seem important, there?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging