Adding support for fetching GPG key using WKD protocol

Derek Martin invalid at
Mon Jul 9 16:41:07 UTC 2018

On Mon, Jul 09, 2018 at 05:05:58PM +0200, Vincent Lefevre wrote:
> On 2018-07-06 17:50:59 -0500, Derek Martin wrote:
> > On Fri, Jul 06, 2018 at 10:54:20PM +0200, Wiktor Kwapisiewicz wrote:
> > > If you're sending e-mail to user at and do a WKD query it
> > > would reveal that only to But you're sending the e-mail
> > > there so that user (or their server admins) would already know that
> > > after you send that e-mail.
> > 
> > False.  It would also potentially reveal that to anyone who was
> > operating any part of the network in between your endpoint and the
> > endpoint, as well as anyone who was able to subvert some
> > aspect of the domain (its DNS, the webserver, etc.) by
> > MITM attack or similar.  Or... other things.
> If you fear about that, and this:
> > However the mere revelation of who is receiving my messages can be
> > just as dangerous, depending on the type of correspondence I'm having.
> then, don't use e-mail, because e-mail will not guarantee the absence
> of any leak of the recipient address.

Exactly my point.  If you really care about keeping private
communications private, do not use e-mail.  Working backward from
that, there's no reason to bother with encryption on e-mail.

Derek D. Martin   GPG Key ID: 0xDFBEAD02
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the Mutt-dev mailing list