Encrypt if key for recipient's address exists?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Encrypt if key for recipient's address exists?

Andreas Schmidt-15
Hi,

I really am for using encryption as much as possible -- but let's face  
it, hardly anyone is encrypting mail. Among my many contacts, there are  
less than five who do; many of the others just don't care, others feel  
it is too complicated, and still others just have no idea what all that  
encryption stuff is about. (I have been told many times that somebody  
could read my mail, but the attachment, i.e. the signature part of the  
mail, could not be opened and I should send it again.)

Given that I cannot use encryption for mails to the majority of my  
contacts, I have only "Sign message" activated in my default identity.  
When composing a mail to one of my encrypting contacts, I must activate  
encryption manually. Actually, I have an identity with "Encrypt  
message" assigned to the mailboxes of my encrypting contacts.  
Unfortunately, this identity is only chosen if I *reply* to a message  
from these contacts. If I write a new message to them, I have to choose  
the "encrypting identity" manually -- and there have been cases where I  
have forgotten to change identities or missed the line with the correct  
identity. Thus, I have been sending mails only signed instead of signed  
and encrypted.

I believe that a useful remedy for this amnesia would be the ability to  
automatically encrypt mails to recipient addresses if a matching key is  
present in the local keyring. Perhaps an option "encrypt automatically  
if key is present" could be added to the dialogue in "Manage Identities  
.--> Security" or, more prominent, to "Balsa Preferences --> Mail  
options (Outgoing) --> Other options". Would that be possible?

Would that even make sense? Definitely, if you think about writing a  
mail to just one recipient address. But what if an "encrypting contact"  
is just in (B)CC, or if there are several (encrypting as well as  
non-encrypting) contacts in the To-header? It wouldn't make much sense  
to encrypt a mail that is also sent to a mailing list. But could  
sending the same message both encrypted and unencrypted compromise keys?

Curiously

Andreas
_______________________________________________
balsa-list mailing list
[hidden email]
https://mail.gnome.org/mailman/listinfo/balsa-list

attachment0 (201 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Encrypt if key for recipient's address exists?

Albrecht Dreß
Hi Andreas:

Am 07.07.17 12:41 schrieb(en) Andreas Schmidt:
> Perhaps an option "encrypt automatically if key is present" could be added to the dialogue in "Manage Identities .--> Security" or, more prominent, to "Balsa Preferences --> Mail options (Outgoing) --> Other options".

Open “Settings ▶︎ Identities ▶︎ [Identity] ▶︎ Security” and check “remind me if messages can be encrypted”.  This will show a dialogue when public keys for all recipients are available.  Automatic encryption is not a good idea IMO, as the recipient may be in a situation where [s]he has no access to GnuPG (web mailer, iToy, Wintendo, ...).

> if there are several (encrypting as well as non-encrypting) contacts in the To-header?

I don't see the use case:
- Either the message contents shall be kept confidential, then there is no way to send it unencrypted even to a single recipient.
- Or you just want to demonstrate that you /could/ encrypt.  Then it is sufficient to sign it.

> But could sending the same message both encrypted and unencrypted compromise keys?

No: <https://security.stackexchange.com/questions/42919/can-a-pgp-private-key-be-deduced-if-the-email-text-is-known>.

Hth, Albrecht.
_______________________________________________
balsa-list mailing list
[hidden email]
https://mail.gnome.org/mailman/listinfo/balsa-list

attachment0 (484 bytes) Download Attachment
Loading...