On 2014-07-18 at 19:39, Ingo Klöcker wrote: > Sure. But the fingerprint is only used once (for verifying the key). And > it's not even secret information, so exchange via an insecure channel is > not an issue (at least, not a severe issue). > > OTOH, symmetric keys really should be exchanged via a secure channel.
The fact is that you can use symmetric-keys when the other doesn’t have yet a public key. So you can send her this understandable message and *then* say her “here the key that’ll allow you to read the message”. That could be used if the message *must* be transmitted by mail, because it’s a file, because it’s large, because it have to be *before* or other reason, so in some rare cases it can be useful, and since the message has already been sent, it’s easier to convince the other to begin using cryptography. Then she could decrypt the mail, and you can start trying to convince her to use asymmetric cryptography, at this point it’ll be easier.
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
