MUA "automatically signs keys"? (was: Re: Non email addresses in UID)

Gregor Zattler telegraph at
Wed Jan 29 10:31:57 CET 2014

Hi Steve, gnupg users,
* Steve Jones <steve at> [24. Jan. 2014]:
> Which reminds me that I'd really like an email client that
> automatically signs keys at level 1 (persona) of anyone who replies
> with a signed email that quotes a significant portion of the text I
> sent, as this effectively counts as a challenge response protocol in my
> book.

That's an interesting idea.  But there is still the possibility
of a man in the middle attac...  The web of trust is supposed to
counter MITM attacks by signing keys only if the verification was
done directly (no middle person).

Ciao, Gregor
 -... --- .-. . -.. ..--.. ...-.-

More information about the Gnupg-users mailing list