My personal preferences have nothing to do with the topic discussed here. I was simply trying to help an organization that is, for *their own good business reasons* very much motivated to adhere to GDPR, use existing IT infrastructure to move to a more secure method of communication.
I was the one to suggest to them to use e-mail and OpenPG encryption. The reasons were two-fold: first to avoid one of those centralized, web-browser based, single-point-of-failure, essentially insecure communication setups so common today; the second was to make their member's communication interoperable with general Internet population in order to increase organization's visibility and promote wider adoption of encrypted e-mail. I posted my original question only in order to find out some technical details on how to do that. Posting the question was worthwhile, as I have learned that: (a) Unfortunately, OpenPG email encryption is incompatible with GDPR and should not be used by those that either want or need to be GDPR compliant. (b) GDPR appears to be a topic that, for some strange reason, elicits emotional reactions by the OpenPG creators and maintainers. (c) GPG and OpenPG appear to be very much US-centric endevours. That fact ought to be taken into account by the new users. If the ultimate goal of OpenPG is the wider adaption of encrypted e-mail, finding technical means to make it usable by those that *wish to be GDPR compliant* - without forcing such MO on everyone - appears to be a worthwhile effort. I thank again to all that have contributed their answers, comments and opinions. Jon K. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
