"Hernâni Marques (p≡p foundation)" <hernani.marques@pep.foundation> wrote: > On 08.10.19 18:37, Dmitry Alexandrov wrote: > >> Pity, but I hope it will be better that way. In particular I hope, that >> Mozilla will not follow your example and won’t entice users to proprietary >> isolated keyserver [0] instead of distributed SKS network thus splitting the >> keybase. And won’t promote standards [1] that suspiciously resemble >> embrace-extend-and-extinguish tactics employed against PGP either. >> >> [0] https://keys.openpgp.org >> [1] https://pep.security > > pEp is not against PGP it's just PGP-supporting as much as it makes sense for > interop reasons
Well, I’m glad to hear that, but it’s really a pity, that supporting Autocrypt does not make sense for you. > and goes beyond email already today; and it's designed from the very > beginning on to support other crypto[formats] as well (agnosticism on > messaging & crypto[format]) A double pity in light of your decision to not only support but actually _prefer_ other cryptoformats over PGP whenever possible for the sake of ‘forward secrecy’ [1] — that’s when Autocrypt is exactly the extension to PGP that can provide forward secrecy, if needed. [1] | How does p≡p select the most secure way of sending an email or a message? | | When a p≡p user is communicating with another p≡p user: | | 1. if online communication available: OTR through GNUnet. | | 2. if online communication not available: | | a. if anonymizing platform available, OpenPGP through anonymizing platform (i.e. Qabel), | | b. if anonymizing platform not available, fallback to OpenPGP. | | When a p≡p user is communicating with a non-p≡p user then depending on the capabilities of the non-p≡p user: | | 1. if anonymizing and forward secrecy is possible, use that (i.e. OTR over GNUnet). | | 2. if anonymizing but no forward secrecy is possible, use that (i.e. OpenPGP over Qabel). | | 3. if forward secrecy is possible, use that (i.e. OTR). | | 4. if hard cryptography but no forward secrecy is possible, use that (i.e. OpenPGP) | | 5. if only weak cryptography is possible, use that (i.e. S/MIME with commercial CAs) | | 6. send unencrypted. — https://www.pep.security/en/faq/
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users