Hi, On Sat, Aug 30, 2025 at 09:07:26PM +0300, Teemu Likonen wrote: > No big harm in that case but if a technical person like Debian > project leader can fail (to respect) encryption then anyone can and > the whole email encryption idea is doomed or restricted to really > known trusted parties.
It's not surprising as the entire history of PGP/GPG is that of UI and UX failure. It's not even restricted to the email part; in the distant past I submitted my public key to keyrings that were distributed by organisers prior to "key signing" parties with the idea of making the process faster¹, then I wasn't able to attend. Yet still tens of participants sent me back signed copies of my key. I wasn't even *there* yet there are tens of people who were willing to sign with absolute authority that they met me and checked my government ID. And those are people already part of the FOSS community who were specifically interested in the PGP web of trust, not anywhere near average computer users. Worse still, they uploaded their signed copies of my public key to keyservers without my consent so I couldn't even clean things up on an honestly basis by not accepting signatures of people I know I never met. The key was out there on the hopelessly broken keyserver network (which doesn't even really exist now due to how unscalable it was). There is also a past story of a Debian Developer who attended a key signing party at a Debconf and used their own originally created citizen ID of a nation that doesn't exist, and this was signed by many other Debian Developers. PGP was a great invention but it's really like the "next draw the rest of the owl" of secure communication. > I would like to gather some general information and your experience how > email clients behave by default when you press REPLY button for an > encrypted mail. Just a general picture and your experience. Honestly I don't think it matters what I as the sender do or think. The almost insurmountable problem is that I need to communicate with normal people and normal people just do not know what to do with any form of PGP-encrypted email. That was the story 15 years ago; now it's that *plus* normal people don't even know how to use regular email properly. Basically if gmail doesn't do it, they don't do it, and good luck influencing that. My Mutt defaults to signed and encrypted if in reply to an encrypted mail. Even Mutt needs quite a bit of configuration before it's usable in any respect though, and I don't recall if I did something to make it do that. > If REPLY buttons are not safe (that is, defaulting to encrypted replies > for encrypted mail) it is probably better to encrypt a text file > manually and attach the encrypted file. It forces the recipient to go > outside the mail client and decrypt the attachment manually. It breaks > the normal habit and quick thoughtless replies. It's a hard problem. What do governments and corporations do? Unless dealing with extremely motivated nerds, whatever you do probably has to be web based. Thanks, Andy ¹ A practice which I understand was not recommended, for exactly this reason. -- https://bitfolk.com/ -- No-nonsense VPS hosting Please consider the environment before reading this e-mail. — John Levine
