On 03/26/2014 09:57 AM, Mike Acker wrote: > On 03/25/2014 06:21 PM, Daniel Kahn Gillmor wrote: >> hi enigmail folks-- >> >> 1ee310b5bcdb86f225cc11ca0ae2138a7aaba992 addresses bugs 212 and 179 with >> a menu option called "trust the keys of all recipients". >> >> I think what this implies is that when sending a message to >> f...@example.com, enigmail will just use the first key it happens to find >> in the user's keyring that has f...@example.co in one of its user ids. > it may be possible to correct this by setting a PGP rule on the address > book entry > I'm experimenting with this
What do you mean "correct this"? This e-mail thread was not intended to
be about whether this particular action is right or wrong, it was about
whether the text accurately describes what is being offered.
That said, I'd be very interested in a separate discussion about what
kinds of key management workflows are sensible. Ideally, we'd think
about this with respect to enigmail on its own, and how well enigmail
can integrate into other programs that might use OpenPGP for the user.
I have some vaguely-formed ideas about how to do this kind of thing in
ways that would share these validity decisions across other users of
GnuPG as well, using a designated separate/independent local
(non-exportable) trusted key to record temporary acceptances as
local-certifications on the keyring.
maybe we should start this discussion as a separate thread?
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list enigmail-users@enigmail.net https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
