OpenPGP key verification + legal framework
wiktor at metacode.biz
Mon Nov 5 21:51:53 CET 2018
On 05.11.2018 21:37, Viktor wrote:
>> Sending an encrypted e-mail additionally verifies that the user controls
>> the key in question.
> But you can easily send email with any address in 'from' field.
> It does not mean you really control this email address.
Maybe there is a small misunderstanding here. I meant sending an e-mail
*to* the registering person encrypted using *their* OpenPGP key. This
way it can be read *only* by them even if they are using "insecure
e-mail system" :)
(there is also a minor point that properly deploying DMARC will protect
from spoofing "From" field on major mail providers)
More information about the Gnupg-users