E-Mail Encryption: Why Isn't Everyone Doing It?
Adrian 'Dagurashibanipal' von Bidder
Fri Oct 25 12:03:02 2002
Content-Type: text/plain; charset=ISO-8859-1
On Fri, 2002-10-25 at 09:30, David Pic=F3n =C1lvarez wrote:
[key management functions don't belong in a MUA]
While I agree with you that the Unix philosophy is for tools to do one
thing, and that properly, the second half of it is that these tools can
be combined. For the CLI this is the Unix shell pipe, for the GUI ???.
A mailreader should read and send mail, yes. But when I tell the
mailreader to encrypt mail whenever possible, it would be great when the
mailer would try to encrypt:
'You want to encrypt to firstname.lastname@example.org, however, no encryption key has
been found in your keyring. However, there are these keys on the
keyserver that match the email address:
[ ] ...[userid here]...
[ ] ...
To ensure that email@example.com will receive the message, it is important
that blah blah blah about key trust, in a way that an average user
should understand it.'
Whether this dialog is displayed by the MUA or by an external key
management application doesn't matter for the end user (yes, the latter
would certainly be better).
[Yes, I'm full of ideas today :-)]
(Compare it to: a mailreader reads and sends mail, so managing mail
accounts should also be able. If it encrypts and decrypts, managing keys
should also be available).
this email is protected by a digital signature: http://fortytwo.ch/gpg
NOTE: keyserver bugs! get my key here: https://fortytwo.ch/gpg/92082481
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/gpg/policy/email.20020822