On Fri, 27 Feb 2015 13:23, [email protected] said: > have some valid points; the latest articles are by no means mindless > rants or PGP-bashing. The thought of letting PGP die as an e-mail
The article has two problems: - It compares an offline system (mail) with online systems (chat systems). You can't compare them unless you also change the headline to "Let mail die!". - It claims that the protocol is responsible for the problem instead of pin-pointing that the mail providers do not take up on it. Back in the good all days where everyone ran their own MTA and had full control over their DNS zones, fixing the problems would have been very easy. Today virtually everyone uses a large mail provider and thus has no more control over the own mail address including the zone. Given this, it is important to convince the mail providers to support their users doing end-to-end encryption. It would really be simple. I am not calling for a high-end security solution; just for a simple way to get authoritative information on the key associated with the mail address. A few scripts and an optional entry field in the user's mail account management is all what is required. With that in place we can easily fine tune the long existing mechanisms in gpg for key retrieval and then Jürgen Schmidt would not anymore get mails accidentally encrypted so someone else. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
