intrigeri: > sajolida wrote (09 Jun 2015 14:57:28 GMT) : >> Ok, so your hypothesis is that there shouldn't be problems if exchanging >> emails between two operating system or applications that default to >> UTF-8. Did I understand correctly? > > That's right, this was my hypothesis. But dkg later explained that it > still might cause security problems, even if in the ideal > (non-adversarial) case, the text renders just fine. > >> If we think this issue is "dangerous" or that PGP/inline should >> disappear from the cyberspace, then we might be better off stopping >> recommending Tails OpenPGP APllet as an option in the first place. > > It is apparently a bit dangerous, but for many people it's the only > workable option so far, so I'm not in favour of removing it. I mean, > we allow sending passwords over plaintext HTTP connections, even if > that's dangerous.
I'm fine with keep it. Note that the difference here is that we don't provide specific tools or have documentation pages about sending your passwords over HTTP in plaintext :) -- sajolida _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
