[Enigmail] From Circumvention

David dgboles at gmail.com
Sat Mar 7 17:29:42 CET 2015


On 3/6/2015 3:33 PM, Matthew Woehlke wrote:
> On 2015-03-06 15:16, David wrote:
>> I am confused by this request. What difference does it make if 'someone
>> else' knows whose public is on your public keyring?
> 
> Hello, David,
> 
> I am a keyserver administrator. Please send me your complete address book.
> 
> Thanks!
> 
> (I hope I make my point? I'm *not* especially paranoid, and I'd have at
> best mixed feelings about publishing a list of people with whom I
> correspond to a third-party server. Think about how people *whose lives
> depend on encryption* are likely to feel about doing so...)
> 


Okay. Last comments.

You don't have any keys in your public keyring that you have never
written to or even know? Really? Since I signed my replies your system
should have searched whatever key server you have configured it to use
to retrieve my public key. Oh, by the way, the key servers for the
convenience of the users, share keys. If you ever have published your
key to one it will be on all of them.

And finally you can set your Thunderbird to use one, and only one, key
server that you trust. Your choice. Or. You can choose to not use any
key server at all. None. Your super secret email list users can send you
personally any key update or replacement.

If that makes you feel more secure.

You have a great weekend.
-- 

  David

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150307/2504be18/attachment-0001.sig>


More information about the enigmail-users mailing list