[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Autocrypt header field

From: Robert Pluim
Subject: Re: Autocrypt header field
Date: Wed, 21 Feb 2018 11:19:54 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.0.91 (gnu/linux)

Richard Stallman <address@hidden> writes:

> [[[ To any NSA and FBI agents reading my email: please consider    ]]]
> [[[ whether defending the US Constitution against all enemies,     ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>   > What level of support were you thinking of? The Autocrypt
>   > recommendations include a whole bunch of PGP key generation and setup
>   > messaging that I'm not convinced are necessary.
> We should consult an expert such as Werner Koch about that.

I was unclear: Autocrypt has a setup procedure that involves
generating a new PGP key specifically for use with it, and producing a
setup email message containing that key. Many users will probably
already have a PGP key that they would prefer to use instead,
obviating the need for such setup.

>                                                   Snarfing the key from
>   > the header and adding it to the user's keyring should be easy enough. [1]
> I suppose that is the job to be done; you've raised the question of how
> to do that right.

That's part of what needs to be done. Once the keys are stored
somewhere, a decision then needs to be made on a per-message basis as
to whether or not to sign/encrypt, the keys need to be kept track of
in case they change, and probably more (I haven't committed the
Autocrypt specification to memory)

>   > [1]  Or should this go to a separate Autocrypt keyring?
> I never heard of Autocrypt before.  What would be the reason for doing
> that?

It's a whole new method for automatically signing email. People might
not want emacs to start adding keys to their default keyring
automatically. In the only other similar case I know of, namely elpa
package signature checking, a separate keyring is created.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]