andrewg at andrewg.com
Sun Apr 30 16:54:21 CEST 2023
On 30 Apr 2023, at 14:42, Johan Wevers via Gnupg-users <gnupg-users at gnupg.org> wrote:
> On 2023-04-30 14:58, Andrew Gallagher via Gnupg-users wrote:
>> Whether this is done voluntarily or under duress from their employer is an opsec issue, not a comsec one.
> If it is an ex-employer that might be more compicated.
Indeed. If this is in your threat model then don’t use work email addresses for personal communication, because encryption cannot protect you.
>> The danger of an “ignore ADK” option is that it gives a false sense of security. It is already possible for an employer to require escrow of the decryption subkeys of their employees - ADK actually makes this process more transparent.
> That might be, but it is nowhere certain that this escrow will happen,
> especially if they roll out adk's.
You’re inverting the burden of proof here. The important consideration is that E2E can’t prove that a key *wasn’t* escrowed - so it’s much better for the software to make no claims about it than potentially misleading ones.
More information about the Gnupg-users