Encrypting to the Unknown

Werner Koch wk@gnupg.org
Wed Dec 11 20:53:02 2002


On Wed, 11 Dec 2002 18:54:34 +0100, Michael Nahrath said:

>>>> There may be warnings ("You have no trustpath to this key that indicates its
>>>> validity. Use anyway? [[cancel]] [OK]") or a pref to switch this off.
>                           ^^^^^^^^^^
> Please care for the detail that "cancel" is the default.

I have too often looked over the shoulders of mutt users and most of
them just enter "y" when mutt asked them whether they still want to
use this key.  A default doesn't matter - they want to get the message out.

> It forces them to sign someone they don't know a bit. Doing this should be
> extremely discouraged by the client software, not needed.

Signing and locally signing are different.  You use lsign here to
indicate that you have some relationship with that key but you don't
know anything else about it.  When you later meet him, you can easily do a
real signature.  I have done this quite often.

OTOH, David is right:  It is not easy to see what the difference
between lsign and sign is.  A MUA should provide a way to just do
this lsign after some explanation screens.  

We might want to add a simple command line way to do the lsign;
without falling back into the edit menu. There may even be notation
data to explain on what grounds one trusts this key (ala revocation
reason).

> Even if they only --lsign they will have a trust-path to the signed
> afterwards. This is a far worse security problem than willingly

Sure, that is the reason why it is done; it does not harm.

> I use lsign only for keys where I am pretty much sure that they belong to
> the one I want to reach, but not enough to guarantee his identity to the

Exactly.

> And yes, there are valid reasons to encrypt to an unknown.

But not for the average user. Your case is pretty rare: Accounts with
passwords? I thought everyone is using ssh nowadays. 


Salam-Shalom,

   Werner