Re: mailing list pgp signatures...

On Tue, Jul 14, 2009 at 18:14:57 -0400,
  "Steven W. Orr" <steveo syslang net> wrote:
> The Enigmail package gets added to Thunderbird and provides the human
> interface to GnuPG. Enigmail does provide a setting on a per addressbook entry
> for whether messages sent TO that address are signed or encrypted. But, if
> you try to automatically verify or decrypt a message as the recipient, and the
> key fetch fails, there's really no reason to think that it would ever fail
> again on a future attempt. There are features which would be nice to see added

Sure there is. If you try again immediately, I would certainly expect it to
fail again. That's what negative caching is for. The exact time to wait
should be configurable, but I would expect a day to be a reasonable time
to wait before not trying another lookup.

> to Enigmail and marking a particular address as something that you do not want
> to see verified or decrypted has got to be way far down in the list of
> priorities.

As the problem was described it seemed that the key lookup blocked doing
anything further with your email until one keyserver lookup succeeded or they
all failed. This is broken behavior. It would seem much more reasonable to
flag the signature as unknown and start the lookups in the background.
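
Added example, not part of the original message and not Enigmail code: a Python sketch of the two behaviors the reply argues for, a negative cache with a configurable wait (one day by default) and a signature status that returns "unknown" immediately while the lookup is queued for the background. The class `KeyLookup`, the `fetch` callable standing in for a keyserver query, and the status strings are all hypothetical.

```python
import time

NEGATIVE_TTL = 24 * 60 * 60  # one day, the wait suggested above; configurable


class KeyLookup:
    """Hypothetical non-blocking key lookup with negative caching."""

    def __init__(self, fetch, ttl=NEGATIVE_TTL, clock=time.time):
        self.fetch = fetch      # callable(key_id) -> key or None (assumed keyserver query)
        self.ttl = ttl          # seconds to wait after a failed lookup
        self.clock = clock      # injectable so the wait can be tested
        self.keys = {}          # key_id -> key material already fetched
        self.failed_at = {}     # key_id -> time of the last failed lookup
        self.pending = []       # key ids queued for a background lookup

    def status(self, key_id):
        """Answer immediately; reading mail never waits on a keyserver."""
        if key_id in self.keys:
            return "verifiable"
        failed = self.failed_at.get(key_id)
        if failed is not None and self.clock() - failed < self.ttl:
            return "unknown"    # negative cache hit: do not retry yet
        if key_id not in self.pending:
            self.pending.append(key_id)
        return "unknown"        # lookup queued; the message stays readable

    def run_background(self):
        """Drain the queue; a real client would run this off the UI thread."""
        attempted = 0
        while self.pending:
            key_id = self.pending.pop(0)
            attempted += 1
            key = self.fetch(key_id)
            if key is None:
                self.failed_at[key_id] = self.clock()   # start the wait
            else:
                self.keys[key_id] = key
                self.failed_at.pop(key_id, None)
        return attempted
```
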

