[openpgp-email] On Signed-Only Mails

Bjarni Runar Einarsson bre at pagekite.net
Fri Dec 2 20:49:50 CET 2016

Hash: SHA1


Thanks Vincent for starting an interesting discussion.

Bernhard Reiter <bernhard at intevation.de> wrote:
> > https://github.com/mailpile/Mailpile/issues/1693
> Here it also is irritation.

Not so much irritation, as recognizing that sending non-technical
people detached signatures (or keys) causes confusion, because
usually when people are sent attachments the attachments are
important and useful. So they make an effort to open them up,
without much luck. We're wasting peoples' time, which is impolite
at best.

Wasting peoples' time may be justified if there is some education
to be derived from it; sadly most signature.asc files (and keys)
don't have much educational value today! Mailpile is
experimenting with adding a very small HTML wrapper around the
PGP content to rectify that.

In-line signatures do not appear to cause the same confusion,
people are used to ignoring junk at the bottom of the message.
This is a data point that supports Mailpile's current recommended
default of using inline signatures when the message only has a
single text part, upgrading to PGP/MIME only for more complex

I wanted to highlight this specifically, since if I recall
correctly, Mailpile is going against the GnuPG community's "best
practices" by avoiding PGP/MIME and I've had heated discussions
about this with people in the past. I don't know if this will
change anyone's mind, but I feel it is a useful data point all
the same.

> == Better email-clients are a key success factor
> Given a possible solution by improved clients, we should try
> first to make them happen before giving up on signed-only
> emails, which is the solution you proposed. You may say: But
> this hasn't work for many years. I'd agree with this notion,
> but because of the non-linear nature we don't know how close we
> are to the tipping point.

I think this is an interesting point. I also feel that signed
e-mail has value, in that it raises the bar and has the potential
to make it harder to impersonate people. That benefit also won't
really be realized until after a tipping point is reached -
encryption (and signatures) need to be commonplace enough that an
unsigned message can be treated as an anomaly, at least in some

We're not there yet. Even someone like me who uses a PGP-enabled
mail client 90% of the time still reaches for the mobile GMail
app now and then, sending unsigned mail. Every time I do, I
weaken the signal sent by my normal signatures.

Until we reach the tipping point, Vincent's argument that
signatures are basically just cognitive load and bloat is largely

Better tools can help. Better interfaces can help; I'm on the
fence in part because Mailpile wants to be one of those better
tools. But I don't think Vincent is wrong to offer his users a
simplified interface in the meantime.

The interesting question is, whether his simplified interfaces
will help us reach a tipping point sooner. They might!

All the best,
 - Bjarni

Version: GnuPG v1


More information about the Gnupg-devel mailing list