Daniel,
Checking my e-mail service. Did my response clip OK?
Thanks,
Bob Cavanaugh
> There are a lot of proposals in this thread, and you didn't trim the quoted
> text to isolate just one of them; can you be specific about which one you're
> talking about?
>
___
On Mar 20, 2015, at 2:47 PM, Daniel Kahn Gillmor wrote:
> If the followup is just "click this link" then i agree it's probably
> encouraging bad habits. What if the suggested followup was an e-mail
> reply? What if we require the verifier to sign its outbound messages,
> and tell users "don't do
On Fri 2015-03-20 13:43:27 -0400, Bob (Robert) Cavanaugh wrote:
> One thought to add to the mix: Phishng attacks by having
> unknowledgable users "click on this link" are pretty
> successful. Doesn't this proposal open a new threat vector?
There are a lot of proposals in this thread, and you didn'
rs-
> bounces+robertc=broadcom@gnupg.org] On Behalf Of MFPA
> Sent: Thursday, March 19, 2015 5:58 PM
> To: Jose Castillo on GnuPG-Users
> Subject: Re: Email-only UIDs and verification (was: Making the case for smart
> cards for the average user)
>
> * PGP Signed by an unknown key
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wednesday 18 March 2015 at 6:18:57 PM, in
, Jose Castillo
wrote:
> On Mar 16, 2015, at 8:55 PM, MFPA
> <2014-667rhzu3dc-lists-gro...@riseup.net> wrote:
MFPA>> No angle brackets around the email address means no key found.
JC> Good point, I’l
On Mar 16, 2015, at 8:55 PM, MFPA <2014-667rhzu3dc-lists-gro...@riseup.net>
wrote:
> I would urge you to
> reconsider your decision to drop the angle brackets. At
> least one MUA (the MUA I am using to write this message)
> sends the email address enclosed in angle brackets as the
> search string
