Hi! It is commonly recognized that the best way to certify a key was to sign the key in a temporary keyring, extract that signature, and mail it encrypted to the email address. This has two main advantages: 1. we can assert that whoever controls the key also control the email address; 2. people are free to choose if they want to publish the signatures themselves (or not).
The two piece of software I know who implement this behavior is caff [1] and monkeysign [2]. One of the hard thing we both tools, even if monkeysign is better, is to setup what is needed to send the encrypted emails. And then I realized that Enigmail was actually an add-on for a tool that already knows how to send encrypted emails quite well. So this is a kind feature request to add a similar feature to Enigmail. [1]: https://wiki.debian.org/caff [2]: http://web.monkeysphere.info/monkeysign/ Thanks! -- Lunar .''`. [email protected] : :Ⓐ : # apt-get install anarchism `. `'` `-
signature.asc
Description: Digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
