
Re: mutt/2122: Should encrypt messages to the Sender: key as well as



The following reply was made to PR mutt/2122; it has been noted by GNATS.

From: Alain Bench <veronatif@xxxxxxx>
To: bug-any@xxxxxxxxxxxxx
Cc: Javier Fernández-Sanguino Peña <jfs@xxxxxxxxxxxx>
Subject: Re: mutt/2122: Should encrypt messages to the Sender: key as well as
 to recipients
Date: Sun, 27 Nov 2005 21:42:25 +0100 (CET)

  On Saturday, November 26, 2005 at 21:05:02 +0100,
  Javier Fernández-Sanguino Peña wrote:
 
 > On Fri, Nov 25, 2005 at 10:51:53PM +0100, Alain Bench wrote:
 >> a way to set self-encryption easily would be useful. But it has to
 >> be configurable
 > I don't understand why it needs to be configurable and signing for Bcc
 > is not.
 
     These are two different problems: The one can't justify the other.
 Are you talking about bug/1090 (bcc:s given away through encryption)?
 
 
 >> for security reason the default should be no self, as today.
 > For what "security reasons"? If you want to mention privacy (or
 > protection from legal action), fine
 
     Yes, and also making the sender an additional attackable target.
 
 
 > but for "availability" (which is a security concept) users would
 > expect to have their saved mail encrypted against their private key so
 > that they are able to read it in the future.
 
     Yes, some users expect and prefer self-encryption. Probably the
 majority (?), as it's useful and handy to have readable archives. But
 when user-friendliness and security fight for an option's default value,
 security should win, I believe. That principle has been leading Mutt's
 and GnuPG's design in the past.
 
 
 > mutt fail the "principle of least astonishment", most people will
 > think that the mail will sent will be readable after for them
 
     Yes, you're probably right, and that's unfortunate. Also remember by
 default $record is empty, so no local copy of sent mail at all. Good
 documentation could perhaps moderate the astonishment.
 
 
 > I've personally seen this mistake a few times on several people that
 > use mutt (me included) and I bet there are lots others.
 
     V'yy qral univat pbasrffrq vg, ohg lbh pna pbhag zr, ybat ntb. ;-)
 
 
 Bye!    Alain.
 -- 
 Followups to bug reports are public, and should go to
 bug-any@xxxxxxxtt.org, and the reporter (unless he is a member of
 mutt-dev). Do not CC mutt-dev mailing list, the BTS does it already.
 Do not send to mutt-dev only, your writings would not be tracked.
 Do not remove the "mutt/nnnn:" tag from subject.