STEED - Usable end-to-end encryption

Werner Koch wk at
Thu Oct 20 21:59:57 CEST 2011

On Thu, 20 Oct 2011 13:14, jerome at said:

> Look at how OpenID does it. I can use my personal web page if I want, or
> I can go to one of the many providers and they'll create a "profile
> page" for me. Some of them even support using my domain if I have one,

That is exactly what we want to avoid.  See the footnote on page 3:

  1 Using a separate provider for public key storage has the problem
    that it again separates mail address and public key.

[from the user's POV].

GnuPG even supports an alternate root for the PKA lookup but it is a
solution for geeks or companies who want to sell a service to email
users.  The whole point is that we don't want an optional service but
encrypted email all of a piece.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list