From: Daiki Ueno <ueno@gnu.org>
To: ding@gnus.org
Subject: Re: Default encryption for Message
Date: Sun, 28 Sep 2014 09:16:57 +0900 [thread overview]
Message-ID: <871tqw1tvq.fsf-ueno@gnu.org> (raw)
In-Reply-To: <86y4t7vfkm.fsf@informationelle-selbstbestimmung-im-internet.de> (Jens Lechtenboerger's message of "Thu, 25 Sep 2014 18:18:49 +0200")
Jens Lechtenboerger <jens.lechtenboerger@fsfe.org> writes:
> I was interested in mml2015-encrypt-to-self and looked at its doc
> string. Setting to t fails. You explained that
> mml2015-sign-with-sender or mml2015-signers are necessary.
> However, I don’t want to sign and suggested gpg.conf/Bcc instead.
So, maybe improving the documentation of mml2015-encrypt-to-self would
be a good start?
> In your scenario, I see two choices, say concerning Alice with those
> three keys.
>
> (1) Friend Bob wants to send a message to Alice and is supposed to
> choose the correct key B (but neither A nor C).
>
> (2) Alice wants to send an encrypted message to colleague Charlie,
> and she wants to make sure that the message is encrypted to her key
> A (but neither B nor C) in addition to Charlie’s key.
>
> For (1), my code sets mm-encrypt-option to 'guided to enforce a
> manual choice so that Bob learns about the existence of those three
> public keys in the first place. (Ted Zlatanov suggested to save
> that choice.)
I don't think this is a good idea. I know some people ("security" fans)
like this kind of verbose behavior, but others don't even want to
remember key IDs and are prone to choose wrong keys.
There are criticisms about a related topic:
http://www.superlectures.com/guadec2013/more-secure-with-less-security
> For (2), I think that another variable would be necessary to
> customize what key to use for what recipient. (Gnus could ask if it
> detects multiple encryption keys.)
No objection on that.
> I don’t see how either case is supported by mml2015, though. What
> is your configuration?
It can be done by dynamically setting mml2015-signers upon sending. For
some reason I use hooks (namely message-header-hook), but it can be done
more easily by using group parameters or BBDB.
(info "(gnus) Group Parameters")
> Besides, what is the intended meaning for signatures if
> mml2015-signers contains multiple keys?
This is certainly for the case when one wants to sign a message with
multiple keys.
next prev parent reply other threads:[~2014-09-28 0:16 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-21 10:08 Jens Lechtenboerger
2014-09-23 20:02 ` Ted Zlatanov
2014-09-24 13:59 ` Jens Lechtenboerger
2014-09-24 15:28 ` Ted Zlatanov
2014-09-24 2:23 ` Daiki Ueno
2014-09-24 14:30 ` Jens Lechtenboerger
2014-09-25 3:06 ` Daiki Ueno
2014-09-25 16:18 ` Jens Lechtenboerger
2014-09-28 0:16 ` Daiki Ueno [this message]
2014-10-02 16:51 ` Jens Lechtenboerger
2015-10-16 16:26 ` Refactoring of mml1991.el, mml2015.el, mml-smime.el (was: Default encryption for Message) Jens Lechtenboerger
2015-10-18 7:36 ` Refactoring of mml1991.el, mml2015.el, mml-smime.el Peter Münster
2015-10-18 14:09 ` Greg Troxel
2015-10-19 12:58 ` Jens Lechtenboerger
2015-11-06 2:10 ` Daiki Ueno
2015-11-07 20:28 ` Jens Lechtenboerger
2015-11-11 6:20 ` Daiki Ueno
2015-11-14 15:44 ` Jens Lechtenboerger
2015-11-20 16:31 ` in defense of GitLab or something (was: Refactoring of mml1991.el, mml2015.el, mml-smime.el) Ted Zlatanov
2014-09-22 12:49 Default encryption for Message Uwe Brauer
2014-09-22 17:04 ` Jens Lechtenboerger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871tqw1tvq.fsf-ueno@gnu.org \
--to=ueno@gnu.org \
--cc=ding@gnus.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).