Am Freitag 02 Februar 2018 18:48:08 schrieb Daniel Kahn Gillmor:
> I recently learned that default handling of signed S/MIME mail with
> GnuPG causes an inherent metadata leak about the user's activity:
>     https://dev.gnupg.org/T3348#110132

from briefly reading over the issue I think that "inherent metadata leak"
is too broad a term to represent the security pros and cons well enough.

Just sending an email or a webpage will also inherently leak meta data
for someone listening on the line. So you'll certainly won't disable begin 
able to send those as well.

> As a MUA developer, I'd like my MUA to simply handle as much crypto as
> it can on the user's behalf automatically, correctly and silently,
> without needing any special configuration or asking the user to make any
> tough tradeoffs that they might object to.

Users might also object to the higher exposure to revoked certificates
and a more surprising behaviour deviating from the CMS standards (which as far 
as I know mandate checking the validity of certs).

It comes down to post some trust into the implementations and the certificate 
authorities you chose to use. I think we'd do more for users if we educate 
them about some of the more basic properties.

Best Regards,

www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner

Attachment: signature.asc
Description: This is a digitally signed message part.

gmime-devel-list mailing list

Reply via email to