Andrew Gallagher <andr...@andrewg.com> wrote:
> The only way that a company would end up archiving a password reset
> email encrypted to an ADK would be if an employee was using their work
> email address for password resets. If using their work email for this
> purpose is inadvisable, then it is inadvisable regardless of ADKs.
Like you mean, an employee was using a work email for a work thing, maybe?
> ADK introduces no new considerations that are not also an issue for key
> escrow, which happens anyway, and has several advantages over escrow,
I agree.
> If you don’t trust your correspondent’s employer, then the only
> effective course of action is to not use their employer’s email
> address. Technical measures cannot protect you from opsec problems.
I'm asking to be informed so that I can make the decision to do
something else.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
