MUA "automatically signs keys"? (was: Re: Non email addresses in UID)

Gregor Zattler telegraph at gmx.net
Wed Jan 29 10:31:57 CET 2014


Hi Steve, gnupg users,
* Steve Jones <steve at secretvolcanobase.org> [24. Jan. 2014]:
> Which reminds me that I'd really like an email client that
> automatically signs keys at level 1 (persona) of anyone who replies
> with a signed email that quotes a significant portion of the text I
> sent, as this effectively counts as a challenge response protocol in my
> book.

That's an interesting idea.  But there is still the possibility
of a man in the middle attac...  The web of trust is supposed to
counter MITM attacks by signing keys only if the verification was
done directly (no middle person).


Ciao, Gregor
-- 
 -... --- .-. . -.. ..--.. ...-.-



More information about the Gnupg-users mailing list