Re: Choose signing key

From: Bruno Miguel <brunoalexandremiguel gmail com>
To: Albrecht Dreß <albrecht dress arcor de>
Cc: balsa-list gnome org
Subject: Re: Choose signing key
Date: Sat, 02 Aug 2008 15:00:29 +0100

Em 02-08-2008 14:42:46 Albrecht Dreß escreveu:
> Am 02.08.08 15:13 schrieb(en) Bruno Miguel:
> Why is the standard GnuPG trust level management not sufficient for
> you  
> in this case?  I must admit that Balsa's trust level management could 
> 
> be improved, though.  If you have any ideas, they would be welcome!

The ability to create signing filters, so a specific email address 
would be automatically signed with a specific key, also allowing the 
sender to remove the signature if he wanted.
 
> O.k., so you have multiple keys with the same e-mail address in the  
> uid, and you have multiple identities in Balsa, all with the same  
> sender e-mail address, but for different purposes?  And now, when you 
> 
> send a message, you always get a dialogue to choose the key, right?

I haven't tried that, yet. But I will do it in a moment.
 
> I simply could fix that by adding a text entry in the identities 
> where
>  
> you can *force* a specific key by entering it's key id (most users  
> would leave it empty, though, to let Balsa choose it automatically).  
> 
> Would this be a solution for your requirements?

Yes. Like I said, I have two keys at the moment. One is for signing 
emails and other for encrypting and decrypting local files, both 
created with the same email address. So, the ability to attach a 
specific key to a specific identity would be a good addition to Balsa, 
I think, because it put more control in the hands of the user.

> ^^^^^^^
> Again:  decryption is *only* related to *encrypted* messages.  IOW,
> you  
> may send messages without signing them, but still with encryption for 
> 
> the recipients.  Such messages con only be read by the real
> recipients,  
> but they cannot prove your identity.  Any signature does *not* 
> improve
>  
> privacy.

I know. But users should be able to sign emails sent to specific 
addresses using a weaker signature or a stronger one or just one 
different. I, at least, don't want a signature I use to send emails to 
my family be shared with other people I also want to sign the emails I 
sent to them, using the same email address.

> 
> If you have multiple keys for the recipient(s), you again will see 
> the
>  
> dialogue to choose the right (public) key.  However, as long as the  
> recipients didn't distribute their private ones, one key will be as  
> good as any other...
> 
> If you need really high security, I suggest you and your colleagues 
> to
>  
> get OpenPGP smartcards.  Those are a *real* security improvement [1,
> 2].
> 
> Cheers,
> Albrecht.
> 
> 
> [1] <http://www.g10code.com/p-card.html>
> [2] <http://www.gnupg.org/howtos/card-howto/en/smartcard-howto.html>
> 

Haven't heard of those. Thanks for the tip ;)

I hope Balsa's community doesn't think I'm trying to force anything. 
I'm just suggesting features I would like to see in Balsa and I 
consider useful to other people. Unfortunately for me, I never learned 
how to code, so I can't send patches; only make suggestions, send 
debugs, etc.

Peace;
Bruno Miguel

Follow-Ups:
- Re: Choose signing key
  - From: =?UTF-8?q?Albrecht_Dre=C3=9F?=

References:
- Re: Choose signing key
  - From: =?UTF-8?q?Albrecht_Dre=C3=9F?=

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]