Philipp Klaus Krause [2019-10-08T15:34:28+02] wrote: > It would be really nice, if Thunderbird could add an option to use the > gpg key storage instead of its own, [...]
I agree with that even though I have never really used Thunderbird. But using a custom key storage and implementation (or do they use Sequoia PGP library?) is an interesting choice in the world of Unix-like systems. It's pretty much the normal way elsewhere, though. PGP and GnuPG and the related communities have tried really hard to build a system based on person's long-term identity keys. All that web of trust thing relies on keys that are used relatively long time. But as we know this doesn't work for most people. People are really bad at maintaining long-term identity keys. I think this is the most important reason why other software just auto-generate "device keys" or "application keys" and exchange them. They just forget about the identity part and keys' usage in the long term. Change your phone or just reinstall the application and you'll have new keys. Keys come and go and it's perfectly normal. Thunderbird seems to be going to that direction and it is probably a good thing. From the mindset of crypto nerds (like us) or Unixy tool box this can be a barrier, obviously. -- /// OpenPGP key: 4E1055DC84E9DFF613D78557719D69D324539450 // https://keys.openpgp.org/search?q=tliko...@iki.fi / https://keybase.io/tlikonen https://github.com/tlikonen
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users