| 1 |
On Mon, 28 Dec 2015 09:42:40 -0500 Rich Freeman wrote: |
| 2 |
> On Mon, Dec 28, 2015 at 8:11 AM, Kristian Fiskerstrand <k_f@g.o> wrote: |
| 3 |
> > |
| 4 |
> > |
| 5 |
> > [Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device, |
| 6 |
> > meaning this message is sent without an OpenPGP signature. In general you should *not* rely on |
| 7 |
> > any information sent over such an unsecure channel, if you find any information controversial or |
| 8 |
> > un-expected send a response and request a signed confirmation] |
| 9 |
> |
| 10 |
> And this would be why I don't bother to sign my emails any longer. |
| 11 |
> The FOSS world is still stuck in the days when people ran X11-based |
| 12 |
> MUAs and stored their mail in conventional folders. I've yet to see a |
| 13 |
> decent browser-based MUA or Android client which does signing. |
| 14 |
> Squirrelmail does, but it is really lacking compared to something like |
| 15 |
> Gmail. |
| 16 |
|
| 17 |
YMMW, but I'm perfectly fine with Claws mail on my phone. |
| 18 |
|
| 19 |
Another problem is that this device lacks reliable RNG and faces |
| 20 |
threats of baseband processor data interception (as well as all |
| 21 |
other phones I'm aware about). So phones/tablets are not suitable |
| 22 |
for cryptography anyway. |
| 23 |
|
| 24 |
P.S. We had a good discussion of this on core, but still have no |
| 25 |
summary on dev ML. |
| 26 |
|
| 27 |
Best regards, |
| 28 |
Andrew Savchenko |
Archives