On 03/12, Trevor Perrin wrote:
AFAICT the purpose of signed-only emails in [0] is only to signal OpenPGP support to recipients, who would look up the sender's public key through some other mechanism. So the signature doesn't seem important, there?
I guess the crux of it is what the signature is over (the message?) and which key is used (the private key corresponding to the published public key?). Are you saying that it could be a throw away signature over a signalling indicator? That would make sense but also seems like it could cause problems for existing PGP MUA's.
I might be misunderstanding the wiki summary - I admit to only discovering WKD this morning :-)
Thanks! - cpu _______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
