PGP/MIME considered harmful for mobile

Aaron Toponce aaron.toponce at gmail.com
Sun Feb 27 23:35:33 CET 2011


On 02/27/2011 12:37 PM, Martin Gollowitzer wrote:
> I sign *all* my e-mail except for messages sent from my mobile (in that
> case, my signature tells the receiver why the message is not signed and
> offers the receiver to request a signed proof of authenticity later) or
> messages to people who can't receive signed messages (I had a case where
> e-mails arrived empty because of the MS Exchange/Antivirus/whatever
> combination at the receivers working place).

Not me. I only sign those that I'm willing to stand behind (which is the
vast majority), but If I want to go "off-the-record", I encrypt the mail
with the recipients key and not sign it. I may change the "from:" header
and use Tor, depending on the sensitivity and the need to remain anonymous.

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 591 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110227/2ff90f75/attachment.pgp>


More information about the Gnupg-users mailing list