[Cryptography] PGP-Signed Email
Jason Richards
jjr2 at gmx.com
Sat Aug 26 00:12:32 EDT 2017
Jason Richards:
>>> So, my question then is: what are the benefits of always sending
>>> PGP-signed email and calling out when email is not signed,
>>> especially on open email lists such as this?
Moritz Bartl:
>> Here's a statement by K9Mail developer Vincent Breitmoser that
>> underlines your point in a blog post titled "Signed-Only Mails
>> Considered Harmful":
Thanks Moritz, very much along my lines of thinking.
Phillip Hallam-Baker:
> I disagree with the analysis. Signed email is no more complex if
> every mail is signed and will be rejected otherwise. At that point,
> the complexity is reduced because spam is a very different issue.
>
> A more precise analysis would be signed SMTP mail is more complex.
I read the analysis as being about the complexity of presenting
information to the user. Does a signed email mean that it came from the
sender? It should, however it doesn't.
J
More information about the cryptography
mailing list