On Fri, Jun 14, 2019 at 7:35 AM Stefan Claas wrote:
>
>
> Fully agree. I proposed a couple of years ago to Phil Zimmermann's
> Silent Circle*, in Switzerland, to run a modern key server in form
> like we had with pgp.com. Never received a reply ...
>
> *IIRC out of business and Mr. Zimmermann now
I can't see anyway that S/MIME gets resolved with anything other than
heuristics that look for the footprints of the CBC malleability in efail
(random blocks and/or 8bit content) etc.
There are two other alternatives, only one is plausible, IMO
1) Only allow emails where the signature verifies.