From: Jens Lechtenboerger <jens.lechtenboerger@fsfe.org>
To: Daiki Ueno <ueno@gnu.org>
Cc: ding@gnus.org
Subject: Re: Default encryption for Message
Date: Thu, 25 Sep 2014 18:18:49 +0200 [thread overview]
Message-ID: <86y4t7vfkm.fsf@informationelle-selbstbestimmung-im-internet.de> (raw)
In-Reply-To: <m3zjdoielh.fsf-ueno@gnu.org> (Daiki Ueno's message of "Thu, 25 Sep 2014 12:06:02 +0900")
On 2014-09-25, Daiki Ueno wrote:
> Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> writes:
>
>> I fail to see why encrypt-to-self should be tied to sign-related
>> variables.
>
> The variable name might not be too intuitive, but maybe you could
> imagine how GPG signing and encryption work. Decryption keys are
> usually same as signing keys.
I’m not sure about that, but this may be a side issue. GnuPG
creates an encryption subkey by default.
> Suppose that one has three keys associated with his e-mail address. Key
> A is for encrypted e-mail communication with his colleagues, key B is
> for communicating with friends, and key C is for automatic signing of
> tarballs.
>
> Here, those keys are more securely protected in order of A, B, and C.
> He doesn't want to use key C for any e-mail encryption. He doesn't want
> to use key B for confidential communication within his company.
>
> This might sound hypothetical but I do have a similar setting. How do
> you address this situation with ~/.gnupg/gpg.conf options and Bcc?
Apparently, we have been talking about different things.
I was interested in mml2015-encrypt-to-self and looked at its doc
string. Setting to t fails. You explained that
mml2015-sign-with-sender or mml2015-signers are necessary.
However, I don’t want to sign and suggested gpg.conf/Bcc instead.
In your scenario, I see two choices, say concerning Alice with those
three keys.
(1) Friend Bob wants to send a message to Alice and is supposed to
choose the correct key B (but neither A nor C).
(2) Alice wants to send an encrypted message to colleague Charlie,
and she wants to make sure that the message is encrypted to her key
A (but neither B nor C) in addition to Charlie’s key.
For (1), my code sets mm-encrypt-option to 'guided to enforce a
manual choice so that Bob learns about the existence of those three
public keys in the first place. (Ted Zlatanov suggested to save
that choice.)
For (2), I think that another variable would be necessary to
customize what key to use for what recipient. (Gnus could ask if it
detects multiple encryption keys.)
I don’t see how either case is supported by mml2015, though. What
is your configuration?
Besides, what is the intended meaning for signatures if
mml2015-signers contains multiple keys?
Best wishes
Jens
next prev parent reply other threads:[~2014-09-25 16:18 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-21 10:08 Jens Lechtenboerger
2014-09-23 20:02 ` Ted Zlatanov
2014-09-24 13:59 ` Jens Lechtenboerger
2014-09-24 15:28 ` Ted Zlatanov
2014-09-24 2:23 ` Daiki Ueno
2014-09-24 14:30 ` Jens Lechtenboerger
2014-09-25 3:06 ` Daiki Ueno
2014-09-25 16:18 ` Jens Lechtenboerger [this message]
2014-09-28 0:16 ` Daiki Ueno
2014-10-02 16:51 ` Jens Lechtenboerger
2015-10-16 16:26 ` Refactoring of mml1991.el, mml2015.el, mml-smime.el (was: Default encryption for Message) Jens Lechtenboerger
2015-10-18 7:36 ` Refactoring of mml1991.el, mml2015.el, mml-smime.el Peter Münster
2015-10-18 14:09 ` Greg Troxel
2015-10-19 12:58 ` Jens Lechtenboerger
2015-11-06 2:10 ` Daiki Ueno
2015-11-07 20:28 ` Jens Lechtenboerger
2015-11-11 6:20 ` Daiki Ueno
2015-11-14 15:44 ` Jens Lechtenboerger
2015-11-20 16:31 ` in defense of GitLab or something (was: Refactoring of mml1991.el, mml2015.el, mml-smime.el) Ted Zlatanov
2014-09-22 12:49 Default encryption for Message Uwe Brauer
2014-09-22 17:04 ` Jens Lechtenboerger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86y4t7vfkm.fsf@informationelle-selbstbestimmung-im-internet.de \
--to=jens.lechtenboerger@fsfe.org \
--cc=ding@gnus.org \
--cc=ueno@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).