> Overall I believe that attaching pubkeys (like autocrypt proposes) is not a > good idea (the arguments put forward elsewhere).
For the record, Autocrypt does not attach public keys, it includes them in headers. I concur that attaching public keys is a bad idea. > apparently, Thunderbird is a big fan of attaching public certificates > (and/or revocation certificates, for revoked keys) to outgoing emails > for *every private certificate on your keyring*, regardless of whether > that private key is actually associated with the account in question. I haven't tested this myself but from a quick check with someone who uses Thunderbird they couldn't verify this claim. Maybe this just happens on some versions? Either way I wouldn't assume it's intended behavior. - V _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
