Hi Gaute--

On Sun 2018-02-04 11:46:20 +0100, Gaute Hope wrote:
> Astroid v0.11 has been released!

Congratulations -- it's great to see this progress! :)

> * Always throw key-id when sending (using GMime 3)

Can you explain this choice?  As someone who receives mail with a thrown
key-id, and as someone who has multiple secret keys, the user experience
of receiving encrypted mail like this is *terrible*.  (terrible to the
point of me wanting to ask people who do this for normal mail to just
send me mail in the clear in the future :( )

In particular: GnuPG doesn't know which key to use, so it prompts me for
passphrases for *all* of the secret keys i control, in succession.

I understand the desire to reduce metadata leakage.  But if you're
wrapping the PGP/MIME application/pgp-encrypted part in an RFC822
message that contains a header with the person's e-mail address anyway,
it's not clear that there has been a significant reduction of cleartext
metadata.  So this seems like a bad tradeoff for any case where the
recipient is explicitly specified (i.e., not in Bcc:)



Attachment: signature.asc
Description: PGP signature

notmuch mailing list

Reply via email to