Robert J. Hansen
rjh at sixdemonbag.org
Fri Jan 16 18:12:40 CET 2015
> One of the things I find unfortunate about OpenPGP encryption is that
> the subject of a mail is not encrypted and signed.
This is a total nonissue. Give each new thread a nonsensical name:
STEEL CAMELLIA, ARGENT LUNACY, NEPAL SUNSET, and so forth. The actual
contents of a subject line are rarely of interest: rather, what's of
interest is that one message belongs to the same thread as another
message, and for that purpose a randomly-chosen identifier works quite
well. To demonstrate this, I've changed the subject line of this email:
I think you'll find it's very easy to keep threading and so forth
intact, despite the fact the subject line is now content-free.
If your subject lines are sensitive material, then you're doing it wrong.
Further, the entire reason why the subject lines are not
encrypted/signed is because they belong to email metadata, which OpenPGP
doesn't touch. Protecting metadata is a hard topic. Rather than come
up with an ad-hoc method that protects one single metadata field, I'd
rather see a solution that protects all metadata.
> This is imho very bad from a usability point of view and also not
> really neccessary, because there are ways this could work without
> changing too much about the way pgp mails work.
Take a look at the Enigmail source code, please, before opining about
how your proposal would not necessitate much change to how email
processing works. Until/unless you've done that, you don't have an
opinion worth listening to on the subject.
> What I have in mind is something like this: Whenever a PGP mail app
> creates a mail it replaces the subject with a defined keyword. This
> could be something trivial like "__ENCRYPTED_SUBJECT__". It then
> places a Subject line inside the encrypted mail body. This is
> followed by two newlines and then the real encrypted body of the
> mail follows.
It breaks threading.
> What do people think about it?
I think it's a bad idea.
> Is this the right place to discuss it?
As right as anyplace is.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
More information about the Gnupg-devel