Re: Message security; protected header fields

2024-05-08 Thread Steffen Nurpmeso
Werner Koch wrote in
 <875xvoza5j@jacob.g10code.de>:
 |Thanks for the summary.  I fully agree and add these 2 cents:
 |
 |In particular using a fixed subject is not going to work in any real
 |business because you are not able to ignore mails.  For my part, I even
 |use an auto-responder to tell that mails with a three-dot subject are
 |ignored.
 |
 |There is a simpler method than autocrypt to initially convey a key.  If
 |you can't MIME-attach it, include your key in the signature (gpg's
 |--include-key-block).  This is what S/MIME does for decades.  If you
 |don't have the recipient's key (i.e. no Web Key Directory), signing the
 |first message allows the recipient to reply encrypted.

That is the real thing!  That should be made a standard feature in
PGP, only the plain key without any Web of Trust noise, it is so
easy for S/MIME, even my one can simply use *SSL library provided
standard interfaces to take that and save it somewhere.
(And, to me, a real DNSSEC-secured DNS entry that can easily be
grasped by anyone, like the DKIM TXT record.)

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)


Re: Message security; protected header fields

2024-05-08 Thread Werner Koch
Hi!

Thanks for the summary.  I fully agree and add these 2 cents:

In particular using a fixed subject is not going to work in any real
business because you are not able to ignore mails.  For my part, I even
use an auto-responder to tell that mails with a three-dot subject are
ignored.

There is a simpler method than autocrypt to initially convey a key.  If
you can't MIME-attach it, include your key in the signature (gpg's
--include-key-block).  This is what S/MIME does for decades.  If you
don't have the recipient's key (i.e. no Web Key Directory), signing the
first message allows the recipient to reply encrypted.


Shalom-Salam,

   Werner


-- 
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
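
The key-in-signature bootstrap described in the message above, as an added example that is not part of the thread: the sender signs with gpg's --include-key-block, and a recipient with an empty keyring verifies with --auto-key-import and then replies encrypted. The two throwaway keyrings, the address alice@example.org and the message texts are constructed for the demo; it assumes a GnuPG recent enough to know both options.

```shell
# Added example (not from the thread). Keys, address and messages are constructed.
g() { gpg --batch --quiet --no-tty "$@"; }

key_in_signature_roundtrip() {
    work=$(mktemp -d) || return 1
    alice="$work/alice"; bob="$work/bob"      # two separate, empty keyrings
    mkdir -m 700 "$alice" "$bob"
    printf 'first contact\n' > "$work/msg.txt"
    printf 'reply for Alice only\n' > "$work/reply.txt"
    rc=0
    {
        # Alice: throwaway unprotected key, then a signature that embeds it.
        g --homedir "$alice" --pinentry-mode loopback --passphrase '' \
          --quick-generate-key 'Alice <alice@example.org>' default default never &&
        g --homedir "$alice" --include-key-block \
          --output "$work/msg.asc" --clearsign "$work/msg.txt" &&
        # Bob: has no key for Alice; a successful verification imports the
        # key embedded in the signature, with no directory lookup.
        g --homedir "$bob" --auto-key-import --verify "$work/msg.asc" &&
        # Bob replies encrypted. "--trust-model always" stands in for the
        # fingerprint check a real recipient does before trusting the key.
        g --homedir "$bob" --trust-model always --armor \
          --recipient alice@example.org \
          --output "$work/reply.asc" --encrypt "$work/reply.txt"
    } >/dev/null 2>&1 || rc=1
    # Alice decrypts; only the plaintext goes to stdout.
    [ "$rc" -eq 0 ] && g --homedir "$alice" --decrypt "$work/reply.asc" 2>/dev/null || rc=1
    gpgconf --homedir "$alice" --kill all 2>/dev/null
    gpgconf --homedir "$bob" --kill all 2>/dev/null
    rm -rf "$work"
    return "$rc"
}

roundtrip_result=$(key_in_signature_roundtrip)
printf '%s\n' "$roundtrip_result"
```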

