what's necessary before new OpenPGP keys are used?

Kai Engert kaie at kuix.de
Fri Dec 6 07:21:26 UTC 2019


On 06.12.19 08:08, Ben Bucksch wrote:
> I believe we can. I just think that nagging (for normal situations like 
> new communication partners) is going to lose the average user. So, drop 
> the questions for normal usage.

It wouldn't be a question or prompt, which should be avoided.

Rather, the composer window could have a visual status, that says 
encryption won't be used, unless a key review is performed.

Alice can ignore that. Unless she configured "require encryption", the 
message would be sent unencrypted.


> Advanced users can enable the extra nagging by toggling a pref.
> 
> The only nagging that is really important is when a key *changes*. 
> That's the dangerous situation, and we should be alerting there.
> 
> But if we had been annoying them for mundane issues before, they won't 
> listen for the important alerts, either.

I'm worried about the denial of service scenario.

If Bob uses an email agent that doesn't support OpenPGP, then a joker 
could repeatedly send mail in Bob's name to Alice and others, causing 
Bob to continously receive encrypted email without being able to read them.

Kai


More information about the tb-planning mailing list