Your other points are all reasonable, and like I said, my opposition
to the feature isn't strong--but you didn't change my mind either. :)
Yes, I can see that, but it's hard to change your opinion that e-mail
privacy is a lost cause in just a couple of e-mails.
Mind me asking why do you put your key ID in e-mails if you're opposed
to encrypted communication?
FWIW, we've now seen from 3 mutt-dev followers that they would prefer
this code not go in... even to the point where they'd patch -R to
remove it. That, for my money, is reason enough to not include it.
There is no code at this point and as far as I can see the "ultimate
solution" of patching has been brought in context of "automatic WKD".
And automatic WKD was already dismissed by Kevin in his first e-mail.
Quote from Claus Assmann:
I am disinclined to default-enable something that send http requests
out without the user fully understanding what's going on.
Agreed.
I would patch my copy of the source to not enable such code at all
End of quote.
It's actually worse, because
it leaks whom you are actually sending messages to, rather than from
whom you're receiving them...
If you're sending e-mail to u...@example.com and do a WKD query it would
reveal that only to example.com. But you're sending the e-mail there so
that user (or their server admins) would already know that after you
send that e-mail.
Kind regards,
Wiktor
--
https://metacode.biz/@wiktor