E-Mail Encryption: Why Isn't Everyone Doing It?

Adrian 'Dagurashibanipal' von Bidder avbidder@fortytwo.ch
Fri Oct 25 12:03:02 2002

Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable


On Fri, 2002-10-25 at 09:30, David Pic=F3n =C1lvarez wrote:
[key management functions don't belong in a MUA]

While I agree with you that the Unix philosophy is for tools to do one
thing, and that properly, the second half of it is that these tools can
be combined. For the CLI this is the Unix shell pipe, for the GUI ???.

A mailreader should read and send mail, yes. But when I tell the
mailreader to encrypt mail whenever possible, it would be great when the
mailer would try to encrypt:

 'You want to encrypt to foo@bar.baz, however, no encryption key has
been found in your keyring. However, there are these keys on the
keyserver that match the email address:
	[ ] ...[userid here]...
	[ ] ...
To ensure that foo@bar.baz will receive the message, it is important
that blah blah blah about key trust, in a way that an average user
should understand it.'

Whether this dialog is displayed by the MUA or by an external key
management application doesn't matter for the end user (yes, the latter
would certainly be better).

[Yes, I'm full of ideas today :-)]

(Compare it to: a mailreader reads and sends mail, so managing mail
accounts should also be able. If it encrypts and decrypts, managing keys
should also be available).

-- vbi

this email is protected by a digital signature:  http://fortytwo.ch/gpg

NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.0.7 (GNU/Linux)

Signature policy: http://fortytwo.ch/gpg/policy/email.20020822