Re: Encrypt replies by default
Hi,
On Sat, Aug 30, 2025 at 09:07:26PM +0300, Teemu Likonen wrote:
> No big harm in that case but if a technical person like Debian
> project leader can fail (to respect) encryption then anyone can and
> the whole email encryption idea is doomed or restricted to really
> known trusted parties.
It's not surprising as the entire history of PGP/GPG is that of UI and
UX failure.
It's not even restricted to the email part; in the distant past I
submitted my public key to keyrings that were distributed by organisers
prior to "key signing" parties with the idea of making the process
faster¹, then I wasn't able to attend. Yet still tens of participants
sent me back signed copies of my key. I wasn't even *there* yet there
are tens of people who were willing to sign with absolute authority that
they met me and checked my government ID. And those are people already
part of the FOSS community who were specifically interested in the PGP
web of trust, not anywhere near average computer users.
Worse still, they uploaded their signed copies of my public key to
keyservers without my consent so I couldn't even clean things up on an
honestly basis by not accepting signatures of people I know I never met.
The key was out there on the hopelessly broken keyserver network (which
doesn't even really exist now due to how unscalable it was).
There is also a past story of a Debian Developer who attended a key
signing party at a Debconf and used their own originally created citizen
ID of a nation that doesn't exist, and this was signed by many other
Debian Developers.
PGP was a great invention but it's really like the "next draw the rest
of the owl" of secure communication.
> I would like to gather some general information and your experience how
> email clients behave by default when you press REPLY button for an
> encrypted mail. Just a general picture and your experience.
Honestly I don't think it matters what I as the sender do or think. The
almost insurmountable problem is that I need to communicate with normal
people and normal people just do not know what to do with any form of
PGP-encrypted email. That was the story 15 years ago; now it's that
*plus* normal people don't even know how to use regular email properly.
Basically if gmail doesn't do it, they don't do it, and good luck
influencing that.
My Mutt defaults to signed and encrypted if in reply to an encrypted
mail. Even Mutt needs quite a bit of configuration before it's usable in
any respect though, and I don't recall if I did something to make it do
that.
> If REPLY buttons are not safe (that is, defaulting to encrypted replies
> for encrypted mail) it is probably better to encrypt a text file
> manually and attach the encrypted file. It forces the recipient to go
> outside the mail client and decrypt the attachment manually. It breaks
> the normal habit and quick thoughtless replies.
It's a hard problem. What do governments and corporations do? Unless
dealing with extremely motivated nerds, whatever you do probably has to
be web based.
Thanks,
Andy
¹ A practice which I understand was not recommended, for exactly this
reason.
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Please consider the environment before reading this e-mail.
— John Levine
Reply to: