Werner Koch wrote in <875xvoza5j....@jacob.g10code.de>: |Thanks for the summary. I fully agree add these 2 cents: | |In particular using a fixed subject is not going to work in any real |business because you are not able to ignore mails. For my part, I even |use a auto-responder to tell that mails with a three-dot subject are |ignored. | |There is a simpler method than autocrypt to initially convey a key. If |you can't MIME-attach it, include your key in the signature (gpg's |--include-key-block). This is what S/MIME does for decades. If you |don't have the recipient's key (i.e. no Web Key Directory), signing the |first message allows the recipient to reply encrypted.
That is the real thing! That should be made a standard feature in PGP, only the plain key without any Web of Trust noise, it is so easy for S/MIME, even my one can simply use *SSL library provided standard interfaces to take that and save it somewhere. (And, to me, a real DNSSEC-secured DNS entry that can easily be grasped by anyone, like the DKIM TXT record.) --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)