On 18/07/14 15:40, Ingo Klöcker wrote: > OpenPGP keys are created and uploaded to some key server > automatically, and they are looked up and used automatically
This creates a privacy issue with key lookup. It exposes correspondents to the keyserver, including time-of-use. Also, you need to define some negative-acknowledge time to live (terminology borrowed from DNS). If on first contact an address does not exist at the keyserver, when do you re-check? And since it can, in unfavourable circumstances, take a while for a public key to propagate through the keyserver network, if somebody just created an e-mail address and key and uploaded it, then starts communicating, people will check a keyserver and not see the key. Now their client will wait the defined period before re-checking, adding even more to the propagation delay. Thirdly, if this is the default mode of operation, I think you need automatic decryption before storing the mail, because searching mail is an important feature, and searching encrypted mails a big usability issue. An e-mail system with a default big usability issue will get swapped out for a more pleasant to use one. Finally, I think people might take issue with their e-mail address automatically being posted to a public keyserver. And if it catches wind, and many, many people use it, I think spammers might look again at harvesting addresses versus generating them. Now it's a small pool to fish from, but if most people have their address on the keyserver network, the odds might change. Given all the issues, I agree with Hauke when he wrote: > There are many features which would be nice to have. What do you > think how many orders of magintude this one is more effort to > implement than my proposal? That said, I'm not commenting on the symmetric encryption proposal, purely on your encryption-by-default proposal. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
