Hello, Am Freitag 02 Februar 2018 18:48:08 schrieb Daniel Kahn Gillmor: > I recently learned that default handling of signed S/MIME mail with > GnuPG causes an inherent metadata leak about the user's activity: > > https://dev.gnupg.org/T3348#110132
from briefly reading over the issue I think that "inherent metadata leak" is too broad a term to represent the security pros and cons well enough. Just sending an email or a webpage will also inherently leak meta data for someone listening on the line. So you'll certainly won't disable begin able to send those as well. > As a MUA developer, I'd like my MUA to simply handle as much crypto as > it can on the user's behalf automatically, correctly and silently, > without needing any special configuration or asking the user to make any > tough tradeoffs that they might object to. Users might also object to the higher exposure to revoked certificates and a more surprising behaviour deviating from the CMS standards (which as far as I know mandate checking the validity of certs). It comes down to post some trust into the implementations and the certificate authorities you chose to use. I think we'd do more for users if we educate them about some of the more basic properties. Best Regards, Bernhard -- www.intevation.de/~bernhard +49 541 33 508 3-3 Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
Description: This is a digitally signed message part.
_______________________________________________ gmime-devel-list mailing list firstname.lastname@example.org https://mail.gnome.org/mailman/listinfo/gmime-devel-list