Encryption on Mailing lists sensless?

Robert J. Hansen rjh at sixdemonbag.org
Mon Nov 17 23:38:15 CET 2014


> I think you'll find this has been solved for years. The solution is
> PGP/etc. between mail servers, and TLS/SSL to the user.

Given that I've seen PGP-signed spam mails, no, I think you're being naive.

> Solutions like GoodCrypto integrate with your existing mail server.

Then I don't want it.  If you're running the mailserver and you can 
decrypt my secured messages, then there's nothing preventing the federal 
government from serving you with a subpoena saying, "please hand over 
the encryption keys."

The only person who can be trusted to do the decryption is the end user, 
running on hardware the end user directly controls.

> This solution doesn't block experts who prefer user-to-user
> encryption, but an organization may object for the reasons that you
> gave, Robert.

I care very little about what happens to corporations.  You're still 
talking about destroying the antispam experience of end-users.  That's 
what I have the biggest problem with.



More information about the Gnupg-users mailing list