On Tue, Nov 29, 2016 at 10:18:37AM +0100, Vincent Breitmoser wrote:
> In short, my conclusion so far is that signed-only mails are very rarely
> useful, they are holding OpenPGP back as a solution for encrypted
> e-mail, and in the interest of usability we should not roll them out in
> email crypto solutions on equal terms with encryption.
AFAIK the lack of RSA-PSS in OpenPGP means that two signed mails can be used to recover the signing RSA public key. So actually no need to send out pubkeys if you autosign with RSA keys ;)

Another problem is that autosigning means that either

1/ you have your key/password cached, which is nice for recovery malware, or
2/ you have to type your password a lot, also nice for keylogging malware, or
3/ you have no password on it at all /o\

Anyway, in most cases the frequency of key exposure is unnecessarily inflated. On certain mailing lists or in email leaks, repudiation might also be a factor. This also leads to the question that mails in an archive have other requirements than messages in transit.

_______________________________________________
Messaging mailing list
https://moderncrypto.org/mailman/listinfo/messaging
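Added here to illustrate the first point; this is not the poster's code and no OpenPGP implementation is involved. With the deterministic PKCS#1 v1.5 encoding every signature satisfies s^e = EM(m) (mod n), so anyone holding two or more signed mails plus a guess for e (3, 17 or 65537 in practice) recovers n from the gcd of the values s^e - EM(m); RSA-PSS avoids this because its salted encoding cannot be rebuilt from the message alone. The 512-bit key, e = 17, the RNG seed and the mail bodies are constructed toy values so the script runs in pure Python (the demo feeds three signatures, two suffice), and what comes out is public-key material, so the exposure is linkability rather than key compromise.

```python
import hashlib
import random
from math import gcd

# Toy sizes so pure-Python bignums stay small; real keys use 2048+ bits and e = 65537.
MODULUS_BITS, PUBLIC_EXPONENT = 512, 17
_rng = random.Random(2016)  # fixed seed: reproducible demo key, never a real one

def _is_probable_prime(n, rounds=20):  # Miller-Rabin, stdlib only
    r = ((n - 1) & (1 - n)).bit_length() - 1  # n - 1 = d * 2**r with d odd
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x == 1:
            continue
        for _ in range(r):
            if x == n - 1:
                break
            x = pow(x, 2, n)
        else:
            return False
    return True

def toy_keygen():  # (n, e, d) for a constructed RSA key, never for real mail
    half, primes = MODULUS_BITS // 2, []
    while len(primes) < 2:
        p = _rng.getrandbits(half) | (1 << (half - 1)) | 1  # odd, full width
        if p % PUBLIC_EXPONENT != 1 and _is_probable_prime(p):
            primes.append(p)
    p, q = primes
    return p * q, PUBLIC_EXPONENT, pow(PUBLIC_EXPONENT, -1, (p - 1) * (q - 1))

def pkcs1_v15_encode(message, k):
    """EM = 00 01 FF..FF 00 || DigestInfo(SHA-256) || H(m), k bytes; no salt, so anyone can rebuild it."""
    body = bytes.fromhex("3031300d060960864801650304020105000420") + hashlib.sha256(message).digest()
    return int.from_bytes(b"\x00\x01" + b"\xff" * (k - len(body) - 3) + b"\x00" + body, "big")

def sign(message, n, d):  # deterministic PKCS#1 v1.5 signature as fixed-length octets
    k = (n.bit_length() + 7) // 8
    return pow(pkcs1_v15_encode(message, k), d, n).to_bytes(k, "big")

def recover_modulus(signed_messages, e=PUBLIC_EXPONENT):
    """gcd of the s**e - EM(m) values is n times a (usually tiny) cofactor; strip it."""
    g = 0
    for message, sig in signed_messages:
        g = gcd(g, pow(int.from_bytes(sig, "big"), e) - pkcs1_v15_encode(message, len(sig)))
    for f in range(2, 10000):  # n has no factor this small, so only the cofactor goes
        while g % f == 0:
            g //= f
    return g
```

A wrong guess for e yields garbage rather than n, so the recoverer just tries the handful of exponents in common use.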
