header protection drafts too early to implement (Re: Protect email experience not Subject:s (hypothesis, draft))
Bernhard Reiter
bernhard at intevation.de
Fri Mar 19 11:19:01 CET 2021
Am Freitag 12 März 2021 18:02:41 schrieb Bernhard Reiter:
> To keep you in the loop, my main take-away so far:
> It is not ready to be implemented yet, because
If it is implemented, to me it makes sense to
a) only implement one method, and this seems to be
to wrap one full message in MIME, because it is most
backwards compatible and proposed in the current draft.
Thunderbird does implement a different outdated approach I believe
(At least I've examined an email from Thunderbird/78.6.0)
and I found Content-Type: multipart/mixed; boundary=".........";
protected-headers="v1")
b) implement reading first and do not activate sending.
This is something that Thunderbird should also fix.
Implemententation for reading makes some sense to try out how the unaddressed
usability problems will fare out.
To send encrypted subjects now means losing information if an injected
approach is used like Thunderbird seems to use.
Best Regards,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210319/cfd32ca2/attachment-0001.sig>
More information about the Gnupg-users
mailing list