On Wed, May 08, 2024 at 03:49:12PM +0200, Werner Koch wrote:
> Hi!
>
> Thanks for the summary. I fully agree add these 2 cents:
Thanks.
> In particular using a fixed subject is not going to work in any real
> business because you are not able to ignore mails. For my part, I even
> use a auto-responder to tell that mails with a three-dot subject are
> ignored.
Indeed.
> There is a simpler method than autocrypt to initially convey a key. If
> you can't MIME-attach it, include your key in the signature (gpg's
> --include-key-block). This is what S/MIME does for decades. If you
> don't have the recipient's key (i.e. no Web Key Directory), signing the
> first message allows the recipient to reply encrypted.
This is fine, though AFAICT it still suffers from the same problems as
autocrypt:
- trusting authentication data from an unknown/unverified source
- MITM
[Arguably these are really the same problem.]
Probably fine for preventing casual eavesdropping, but for genuinely
sensitive applications, should not be considered good enough, unless
I'm missing some important detail...
--
Derek D. Martinhttp://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in
undeliverable mail due to spam prevention. Sorry for the inconvenience.
signature.asc
Description: PGP signature
