Fwd: It's time for PGP to die.

Mark H. Wood mwood at IUPUI.Edu
Mon Aug 18 15:59:33 CEST 2014


On Sun, Aug 17, 2014 at 12:41:52AM +0100, Nicholas Cole wrote:
> On Sun, Aug 17, 2014 at 12:08 AM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
[snip]
> > OpenPGP's biggest problem, BTW, which goes *completely unmentioned* in
> > this blogpost: OpenPGP can't protect your metadata, and that turns out
> > to often be higher-value content than your emails themselves are.
> > Further, exposed metadata is inherent to SMTP, which means this problem
> > is going to be absolutely devilish to fix.
> 
> That is true.  But perhaps it would be a start if email clients
> actually put the actual email (with subject and references headers
> etc.) as an attachment to a bare email that contained only the minimal
> headers for delivery.  It wouldn't be a perfect solution, but it would
> at least fix a certain amount of metadata analysis.

Perhaps it would be a start if sites providing SMTP would turn on
STARTTLS.

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: </pipermail/attachments/20140818/cba88280/attachment.sig>


More information about the Gnupg-users mailing list