symmetric email encryption
kloecker at kde.org
Fri Jul 18 15:40:34 CEST 2014
On Friday 18 July 2014 02:03:24 Hauke Laging wrote:
> is there any OpenPGP mail client which supports symmetric encryption?
KMail does not. At least, KMail does not support creating such messages.
It's possible that KMail would be able to read such messages since the
decryption is delegated to gpgme. And for the odd message (containing an
inline PGP MESSAGE block) sent to this list gpg-agent asks for a
symmetric encryption password when I open the message in KMail.
> I think that would be a nice feature for recipients who don't have an
> asymmetric key (those 99%). Many new communication systems have a
> fallback option for symmetric encryption in case the preferred way is
> unavailable. And, quite important: It would not require serious
> development effort as this possibility is built-in with GnuPGP.
I think you underestimate the development effort. Besides, AFAIK, there
is no standard for this.
> using Linux (and a mail client with OpenPGP support) could use that
> directly. The others would just have to install e.g. Gpg4win and
> Enigmail but would not have to configure it.
> Is there any reason *not* to support symmetric-only encryption in a
> mail client?
There are plenty of reasons. I already mentioned the lack of a standard.
Then there's the problem of key exchange which you completely ignore.
Related to this, you did not answer Robert's question "if you already
have a secure channel over which you can send a key, why not just use
that channel for your communications?".
Instead of support for symmetric encryption I'd rather love to see
automatic asymmetric encryption to be added to mail clients: OpenPGP
keys are created and uploaded to some key server automatically, and they
are looked up and used automatically (e.g. with trust-on-first-sight
similar to SSH keys) when sending a message. I'd prefer this to be done
in an opt-out fashion, i.e. unless the user explicitly tells the mail
client not to do it, the mail client would simply do it.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: This is a digitally signed message part.
More information about the Gnupg-users