On 05.06.17 16:22, Stefan Claas wrote: > On 04.06.17 22:20, Daniel Kahn Gillmor wrote: > >> I'd generally think that if you're looking for a tool to help people >> remember and recognize keys that they've seen before, then a mail user >> agent is in a great position to do exactly that: just tell the user >> explicitly what they've seen before, how often, etc. why depend on the >> human visual cortex or on human ability for numeric recall? > I could imagine that Joe user average may not always look at mail headers > very carefully for a little typo in the from: or reply-to: header in his > mail client or web-mailer. And another thought, since this thread says "app developers". How would services like StartMail, ProtonMail or gmx.de for example handle this...?
If i remember correctly users have not the possibillity to sign someone elses pub-key when they both use the same service. If someone gains unauthorized access to one account and use his own fake pub key...?! Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
