E-Mail Encryption: Why Isn't Everyone Doing It?

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Fri Oct 25 12:03:02 2002 

--=-Qvufjm8+ra8ocBXqbNHh
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Yo!

On Fri, 2002-10-25 at 09:30, David Pic=F3n =C1lvarez wrote:
[key management functions don't belong in a MUA]

While I agree with you that the Unix philosophy is for tools to do one
thing, and that properly, the second half of it is that these tools can
be combined. For the CLI this is the Unix shell pipe, for the GUI ???.

A mailreader should read and send mail, yes. But when I tell the
mailreader to encrypt mail whenever possible, it would be great when the
mailer would try to encrypt:

 'You want to encrypt to foo@bar.baz, however, no encryption key has
been found in your keyring. However, there are these keys on the
keyserver that match the email address:
	[ ] ...[userid here]...
	[ ] ...
To ensure that foo@bar.baz will receive the message, it is important
that blah blah blah about key trust, in a way that an average user
should understand it.'

Whether this dialog is displayed by the MUA or by an external key
management application doesn't matter for the end user (yes, the latter
would certainly be better).

[Yes, I'm full of ideas today :-)]

(Compare it to: a mailreader reads and sends mail, so managing mail
accounts should also be able. If it encrypts and decrypts, managing keys
should also be available).

cheers
-- vbi

--=20
this email is protected by a digital signature:  http://fortytwo.ch/gpg

NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481

--=-Qvufjm8+ra8ocBXqbNHh
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iHQEABECADQFAj25FyQtGmh0dHA6Ly9mb3J0eXR3by5jaC9ncGcvcG9saWN5L2Vt
YWlsLjIwMDIwODIyAAoJEIukMYvlp/fW4dsAn0xflODv9/e4w302vLhDEjFaEVoi
AJsE3ti+ZAlY94BQOgeSv5QQ2UF+oQ==
=WHqw
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/gpg/policy/email.20020822

--=-Qvufjm8+ra8ocBXqbNHh--