[Autocrypt] Posteo with outgoing autocrypt-headers
Vincent Breitmoser
look at my.amazin.horse
Tue Dec 19 04:16:12 EST 2017
Pablo(autocrypt at duckdalbe.org)@Tue, Dec 19, 2017 at 09:16:11AM +0100:
> Only if the user activated the inbound-encryption feature[1].
> If the feature is not active, but the uploaded key is published[2], the
> header is injected (unless present) but without "prefer-encrypted"-attribute.
Oh, interesting! That makes sense, since the user will need to have
their keys on all devices anyways. Good thinking.
I'm slightly worried that inbound-encryption will lead to overriding a
communication peer's prefer-encrypt setting. e.g. if Alice sends an
unencrypted mail to Peter (at Posteo) and doesn't have prefer-encrypt
mutual, then Peter will still receive an encrypted message and, by
Autocrypt logic, reply encrypted, which in turn forces Alice to reply
encrypted, even though they did not both have prefer-encrypt mutual.
We really didn't think a lot about provider support. I wonder if it
makes sense to have a mechanism that signals inbound-encryption, to
avoid this scenario?
- V
More information about the Autocrypt
mailing list