How to improve our GUIs (was: We have GOT TO make things simpler)

[Tony Lane]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 10/29/19 8:33 PM, raf via Gnupg-users wrote:
> Hi,
> 
> Sorry if this was mentioned before but I've just come
> across a novel approach to email encryption that
> doesn't do end-to-end encryption, but rather it
> encrypts email upon receipt so that an individual can
> encrypt the email that is stored in their IMAP account
> as it arrives without the need for every sender to
> encrypt and without the need for any service provider's
> involvement

That doesn't sound very safe. My interpretation of the
goals of GPG is two server two purposes:
1) To transmit data securely over an insecure medium in
a way such that it can protect itself against some
eavesdropper or man-in-the-middle listening, or...
(2) Provide a means to create digital signatures on data
such that you can be assured that some message was sent
only by someone who possesses the private key who's
public key you've added.

Your proposal doesn't seem to address the MITM attacks.
It doesn't seem deal with signatures either.
It seems only to encrypt things only on receipt. What
does that protect against, exactly? Maybe I'm missing
something here...
-----BEGIN PGP SIGNATURE-----

iLgEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXbyKogAKCRDo8fj9gx4T
06a/AgjETQjTvlCkOeKWIqOrkcHQmNhbWtV1RYM3IbOoj6wddB3KPClw8aglVXMg
BEockH7nPuYT1rxxDhG8+llq9uXiEgIJAUsF0cCZbxparDbfzkTCb32opFdCIqb6
X95rfCCbaE/luNCTUR9B0+VVNdfUn4dcNkTSx8W6svJvjNB6RSwGm1wg
=MZCl
-----END PGP SIGNATURE-----