In a draft published in May of *this year*. This should have been a draft in the... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		jandrese on Dec 7, 2023 \| parent \| context \| favorite \| on: A Schism in the OpenPGP World In a draft published in May of this year. This should have been a draft in the 90s. It should have been in mail systems forever. Whenever you create an account the first email should have been the server sending you your private key in some format that every email client understands and would then prompt you to automatically install it in your client for that server. `Welcome to your new email account! Your private key is attached in the standard format. When your client asks you to install the key say "Yes", and allow it to automatically sign your email using that key for this account. Don't forget to check the box to automatically encrypt mail when possible.` If email worked like this I bet secure POP and IMAP would have been implemented much faster than they were in real life.

twiss on Dec 7, 2023 [–]

The first draft was published in 2016: https://datatracker.ietf.org/doc/html/draft-koch-openpgp-web...

Even before that, there were other mechanisms proposed for this, such as https://datatracker.ietf.org/doc/html/draft-shaw-openpgp-hkp... (from 2003). Unfortunately it didn't catch on; I agree it would've been nice to have such a mechanism earlier.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact