Agreed you’re right. However it’s still a less secure protocol than other standards of communication that are available, Matrix, Mattermost, Signal etc.
Email minus pgp you are correct email with pgp I honestly think it’s more secure than all of them since you know the protocol is not going to help you and it was the end to end encryption before it was cool. It’s just a pain in the ass to use but that has nothing to do with security. I trust a pgp encrypted email over a matrix or signal where it all happens behind the scenes to the user.
My major concern is the nature of the request. Please email me an unencrypted email so that I can send you a PGP key to sign further encrypted comms to a different email address.
Also you’re correct PGP is difficult to handle in email as it’s bolted onto an old and plaintext protocol. I’m learning a lot about email here. Most of my PGP signed packages are done in linux repositories and I admit that I’m not as familiar with it as ECDSA and other encryption algos.
lordnikon@lemmy.world 1 week ago
But not sending emails it’s about sending you emails and a token highjacking has nothing to do with the email protocol.
horse_battery_staple@lemmy.world 1 week ago
Agreed you’re right. However it’s still a less secure protocol than other standards of communication that are available, Matrix, Mattermost, Signal etc.
MidnightMan@lemmy.world 1 week ago
I have taken your concerns to heart and will integrate guest accommodations into the Matrix server.
lordnikon@lemmy.world 1 week ago
Email minus pgp you are correct email with pgp I honestly think it’s more secure than all of them since you know the protocol is not going to help you and it was the end to end encryption before it was cool. It’s just a pain in the ass to use but that has nothing to do with security. I trust a pgp encrypted email over a matrix or signal where it all happens behind the scenes to the user.
horse_battery_staple@lemmy.world 1 week ago
My major concern is the nature of the request. Please email me an unencrypted email so that I can send you a PGP key to sign further encrypted comms to a different email address.
Also you’re correct PGP is difficult to handle in email as it’s bolted onto an old and plaintext protocol. I’m learning a lot about email here. Most of my PGP signed packages are done in linux repositories and I admit that I’m not as familiar with it as ECDSA and other encryption algos.