On 2023-04-30 14:58, Andrew Gallagher via Gnupg-users wrote: > E2E encryption can’t protect you from your correspondent disclosing your > communication at the other end.
That is obvious. > Whether this is done voluntarily or under duress from their employer is an > opsec issue, not a comsec one. If it is an ex-employer that might be more compicated. > The danger of an “ignore ADK” option is that it gives a false sense of > security. It is already possible for an employer to require escrow of the > decryption subkeys of their employees - ADK actually makes this process more > transparent. That might be, but it is nowhere certain that this escrow will happen, especially if they roll out adk's. Not providing such an option might be a case where the perfect is the enemy of the good: it might not be a perfect solution but it can be better than the alternative. Besides, this is begging for GnuPG forks to arise, and if those forks are well implemented remains to be seen. -- ir. J.C.A. Wevers PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users