Hi Gaute--
On Sun 2018-02-04 11:46:20 +0100, Gaute Hope wrote:
> Astroid v0.11 has been released!
Congratulations -- it's great to see this progress! :)
> * Always throw key-id when sending (using GMime 3)
Can you explain this choice? As someone who receives mail with a thrown
key-id, and as someone who has multiple secret keys, the user experience
of receiving encrypted mail like this is *terrible*. (terrible to the
point of me wanting to ask people who do this for normal mail to just
send me mail in the clear in the future :( )
In particular: GnuPG doesn't know which key to use, so it prompts me for
passphrases for *all* of the secret keys i control, in succession.
I understand the desire to reduce metadata leakage. But if you're
wrapping the PGP/MIME application/pgp-encrypted part in an RFC822
message that contains a header with the person's e-mail address anyway,
it's not clear that there has been a significant reduction of cleartext
metadata. So this seems like a bad tradeoff for any case where the
recipient is explicitly specified (i.e., not in Bcc:)
Regards,
--dkg