(2) We need a new protocol that allows a sender to advertise to the recipient what their key is and that they prefer encrypted email. The email signature is a good signal, but not ideal because there is no real binding between the fingerprint on the signature and the email address
I hate to sound like a broken record, but if you decided not to encrypt all mails by default but rather trigger it off a signed message .... then you have the S/MIME model and your above problem only exists due to the insistence on using PGP. Otherwise, the signature contains the certificate which contains a cryptographic binding between email address and key. What's more - existing mail clients already have the behaviour you're asking for! There is no work to do! If you want to try it out, grab a free cert here <https://www.comodo.com/home/email-security/free-email-certificate.php> and send me a mail signed with it. I'll reply back with a signed+encrypted message. If your mail client can see this email then you should be able to send me an encrypted mail immediately, assuming the list manager doesn’t scramble the MIME. A universal system of key validation would obviate the need for this, but until we all agree on a single standard... There is a standard for all the things you are asking for. It is specified by the IETF. It has protocols for verified key transitions and more. It's widely deployed and implemented. It's just not PGP.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
