[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-bugs-dist
Subject: [Bug 44699] can't encrypt with gpg if the receiver's key is not
From: Torsten Landschoff <torsten () debian ! org>
Date: 2008-02-21 13:05:01
Message-ID: 20080221130501.14821.qmail () ktown ! kde ! org
[Download RAW message or body]
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
http://bugs.kde.org/show_bug.cgi?id=44699
------- Additional Comments From torsten debian org 2008-02-21 14:04 -------
Come on, this can't be true. kmail disallows me to send encrypted with an untrusted \
key - why!? Warning is okay, perhaps in bold letters and some "I am really sure" \
check.
This misfeature makes kontact all but useless for me. I won't go and sign any key of \
other Debian people I did not meet in person - I can't be sure the key matches the \
person. But at least it will only be readable by the person having the key, no t to \
every mail server in between us.
For work I have a big list of keys which I won't sign. For one I know the person \
relating to the key, but I did never check any passports. So I won't sign them. So \
the "solution" to use kmail is to --lsign every key? Not!
While I am just using Thunderbird again in disbelief, others will happily sign every \
key just to be able to send an email. For me this looks like a security problem (the \
social engineering kind) and not like a wishlist bug.
Please fix this!
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic