How to improve our GUIs (was: We have GOT TO make things simpler)

Tony Lane codeguro at
Fri Nov 1 20:42:26 CET 2019

Hash: SHA512

On 10/29/19 8:33 PM, raf via Gnupg-users wrote:
> Hi,
> Sorry if this was mentioned before but I've just come
> across a novel approach to email encryption that
> doesn't do end-to-end encryption, but rather it
> encrypts email upon receipt so that an individual can
> encrypt the email that is stored in their IMAP account
> as it arrives without the need for every sender to
> encrypt and without the need for any service provider's
> involvement

That doesn't sound very safe. My interpretation of the
goals of GPG is two server two purposes:
1) To transmit data securely over an insecure medium in
a way such that it can protect itself against some
eavesdropper or man-in-the-middle listening, or...
(2) Provide a means to create digital signatures on data
such that you can be assured that some message was sent
only by someone who possesses the private key who's
public key you've added.

Your proposal doesn't seem to address the MITM attacks.
It doesn't seem deal with signatures either.
It seems only to encrypt things only on receipt. What
does that protect against, exactly? Maybe I'm missing
something here...


More information about the Gnupg-users mailing list