what's necessary before new OpenPGP keys are used?
kaie at kuix.de
Fri Dec 6 07:21:26 UTC 2019
On 06.12.19 08:08, Ben Bucksch wrote:
> I believe we can. I just think that nagging (for normal situations like
> new communication partners) is going to lose the average user. So, drop
> the questions for normal usage.
It wouldn't be a question or prompt, which should be avoided.
Rather, the composer window could have a visual status, that says
encryption won't be used, unless a key review is performed.
Alice can ignore that. Unless she configured "require encryption", the
message would be sent unencrypted.
> Advanced users can enable the extra nagging by toggling a pref.
> The only nagging that is really important is when a key *changes*.
> That's the dangerous situation, and we should be alerting there.
> But if we had been annoying them for mundane issues before, they won't
> listen for the important alerts, either.
I'm worried about the denial of service scenario.
If Bob uses an email agent that doesn't support OpenPGP, then a joker
could repeatedly send mail in Bob's name to Alice and others, causing
Bob to continuously receive encrypted email without being able to read them.