Nelson B Bolyard wrote:
if you send an encrypted message to
someone from whom you have never received a signed S/MIME message, you will
use weak encryption.
Thank you for this useful description.
I feel it would make sense to open a bug to change this default.
Rational : If someone went the hassle of doing everything it requires to
send an encrypted mail, he needs his message to be encrypted more than
he needs it to be 100% compatible with everybody.
And today 40 bits security is so easy to break that nobody can seriously
call that "encrypted".
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
