RSA or DSA keylength as an anti-spam feature
Jérôme Pinguet
jerome at jerome.cc
Wed Jul 2 19:28:47 CEST 2014
On 02/07/2014 05:32, MFPA wrote:
> Hi
>
>
> On Wednesday 2 July 2014 at 2:26:07 AM, in
> <mid:53B35FAF.9060008 at jerome.cc>, Jérôme Pinguet wrote:
>
>
> > OpenPGP as a kind of HashCash / proof of work solution
> > to spam?
>
> > If this proposition makes sense, that would open the
> > way for a huge increase in user base! :-)
>
> Mail encryption is vastly superior to HashCash, in my opinion, since
> it protects the message content rather than merely wasting CPU effort.
>
>
>
> > I'm thinking about automatically sending a reply (Wanna
> > contact me? Install GPG or use my https://encrypt.to
> > OpenPGP.js contact form...) then deleting unencrypted
> > emails, at the MUA level. Does this make sense?
>
> Depends on context. One of the banks I use eschews all email contact
> but has a contact form on their "secure" website. But generally
> speaking, auto-replies of the type "you sent an email to
> <user at example.com>, please click this link or reply to this
> message..." result in my not bothering, and potentially doing business
> with somebody who is easier to contact.
Most of my first contacts with potential new customers or business
partners go through a contact form on my websites anyway, so that
wouldn't be a problem for me.
>
> By the way, I tried to send a test message to myself from
> <https://encrypt.to> but was thwarted by its assumption that the email
> address for message delivery would be found in the recipient's key,
> which mine is not. I then sent myself a test message encrypted to a
> revoked key, so I guess either Encrypt.to or OpenPGP.js needs a bit
> of tweaking.
I'm following the project on GitHub, everyting is GPLv3, I'll open
issues for those two problems, thanks for reporting!
Git is https://github.com/encrypt-to
I'm aware that OpenPGP.js is a relatively new project and less secure
than GnuPG, but it might be a step forward to get people interested and
to allow people who make the effort to create a key to be able to
receive messages by end users.
Thanks again for your answer and reports.
jérôme
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 726 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20140702/7d127d22/attachment.sig>
More information about the Gnupg-users
mailing list