STEED - Usable end-to-end encryption

Werner Koch wk at gnupg.org
Tue Oct 18 17:41:50 CEST 2011


On Tue, 18 Oct 2011 16:30, peter at digitalbrains.com said:

> Because it is the e-mail address of the recipient you look up; that's all the
> data you have in this scenario. Thus, for me you would look up a key
> corresponding to user peter at the domain digitalbrains.com. The only logical

Right.  That is the whole point.  We want to make keys invisible.  You
can't explain easily why you need a separate public key if you already
have an email address.  Thus from the user's point of view the email
address is the public key.

> digitalbrains.com, which is under control of the e-mail provider. ISP here means
> e-mail provider, by the way, perhaps that is the confusion. Unless I'm the one

Sure, email provider.  However, for most users this is identical to the
ISP: First of all they need a connection to the Internet.  Unless you
spend a lot of money for the connections, you will get an email address
along with your user identification for DSL access.

The email provider sets up something like /etc/aliases for the mail
address and some of them also enter records into their zone file with
the mailbox name for anti-spam protocols.  They need to enter yet
another record into a zone file to allow a key lookup by the assigned
mail address.


Salam-Shalom,

   Werner
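
The zone-file entry and address-only lookup described in the message above, as an added example that is not part of the original post or of STEED. The message does not give a record format, so this sketch swaps in the OPENPGPKEY owner-name scheme from RFC 7929; the function names, the example.org address and the key bytes are constructed for illustration.

```python
import base64
import hashlib

def owner_name(address: str) -> str:
    """DNS owner name under which a provider would publish the key for `address`
    (RFC 7929 naming; assumes a plain, unquoted local-part)."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    # SHA-256 of the local-part, truncated to 28 octets, as 56 hex digits.
    label = hashlib.sha256(local.encode("utf-8")).digest()[:28].hex()
    # Domain names are case-insensitive; the local-part is hashed as written.
    return f"{label}._openpgpkey.{domain.lower().rstrip('.')}."

def zone_line(address: str, key: bytes) -> str:
    """Zone-file line the provider adds next to the mailbox's other records."""
    encoded = base64.b64encode(key).decode("ascii")
    return f"{owner_name(address)} IN OPENPGPKEY {encoded}"

def parse_zone(text: str) -> dict:
    """Tiny in-memory stand-in for a resolver: owner name -> key bytes."""
    zone = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[1:3] == ["IN", "OPENPGPKEY"]:
            zone[fields[0].lower()] = base64.b64decode(fields[3])
    return zone

def lookup_key(zone: dict, address: str):
    """What the sender's mail client does: address in, key (or None) out.
    The answer is whatever the provider's zone says, nothing more."""
    return zone.get(owner_name(address))

# Constructed sample data: placeholder bytes, not a real OpenPGP key.
SAMPLE_KEY = b"constructed-placeholder-key-for-alice"
SAMPLE_ZONE = zone_line("alice@example.org", SAMPLE_KEY) + "\n"

if __name__ == "__main__":
    zone = parse_zone(SAMPLE_ZONE)
    print(SAMPLE_ZONE, end="")
    print(lookup_key(zone, "alice@EXAMPLE.org") == SAMPLE_KEY)
    print(lookup_key(zone, "bob@example.org"))
```

The sender never handles a key identifier: the address alone determines the query name, and a mailbox without a record simply yields no key.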




