what's necessary before new OpenPGP keys are used?

Kai Engert kaie at kuix.de
Fri Dec 6 07:21:26 UTC 2019

On 06.12.19 08:08, Ben Bucksch wrote:
> I believe we can. I just think that nagging (for normal situations like 
> new communication partners) is going to lose the average user. So, drop 
> the questions for normal usage.

It wouldn't be a question or prompt, which should be avoided.

Rather, the composer window could have a visual status that says 
encryption won't be used unless a key review is performed.

Alice can ignore that. Unless she configured "require encryption", the 
message would be sent unencrypted.

> Advanced users can enable the extra nagging by toggling a pref.
> The only nagging that is really important is when a key *changes*. 
> That's the dangerous situation, and we should be alerting there.
> But if we had been annoying them for mundane issues before, they won't 
> listen for the important alerts, either.

I'm worried about the denial of service scenario.

If Bob uses an email agent that doesn't support OpenPGP, then a joker 
could repeatedly send mail in Bob's name to Alice and others, causing 
Bob to continuously receive encrypted emails without being able to read them.
