"Hernâni Marques (p≡p foundation)" wrote:
> On 08.10.19 18:37, Dmitry Alexandrov wrote:
>
>> Pity, but I hope it will be better that way. In particular I hope, that
>> Mozilla will not follow your example and won’t entice users to proprietary
>> isolated keyserver [0] instead of distributed SKS network thus splitting the
>> keybase. And won’t promote standards [1] that suspiciously resemble
>> embrace-extend-and-extinguish tactics employed against PGP either.
>>
>> [0] https://keys.openpgp.org
>> [1] https://pep.security
>
> pEp is not against PGP it's just PGP-supporting as much as it makes sense for
> interop reasons
Well, I’m glad to hear that, but it’s really a pity, that supporting Autocrypt
does not make sense for you.
> and goes beyond email already today; and it's designed from the very
> beginning on to support other crypto[formats] as well (agnosticism on
> messaging & crypto[format])
A double pity in light of your decision to not only support but actually
_prefer_ other cryptoformats over PGP whenever possible for the sake of
‘forward secrecy’ [1] — that’s when Autocrypt is exactly the extension to PGP
that can provide forward secrecy, if needed.
[1]
| How does p≡p select the most secure way of sending an email or a message?
|
| When a p≡p user is communicating with another p≡p user:
|
| 1. if online communication available: OTR through GNUnet.
|
| 2. if online communication not available:
|
| a. if anonymizing platform available, OpenPGP through anonymizing platform
(i.e. Qabel),
|
| b. if anonymizing platform not available, fallback to OpenPGP.
|
| When a p≡p user is communicating with a non-p≡p user then depending on the
capabilities of the non-p≡p user:
|
| 1. if anonymizing and forward secrecy is possible, use that (i.e. OTR over
GNUnet).
|
| 2. if anonymizing but no forward secrecy is possible, use that (i.e. OpenPGP
over Qabel).
|
| 3. if forward secrecy is possible, use that (i.e. OTR).
|
| 4. if hard cryptography but no forward secrecy is possible, use that (i.e.
OpenPGP)
|
| 5. if only weak cryptography is possible, use that (i.e. S/MIME with
commercial CAs)
|
| 6. send unencrypted.
— https://www.pep.security/en/faq/
signature.asc
Description: PGP signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users