On Mon, Jul 09, 2018 at 05:05:58PM +0200, Vincent Lefevre wrote: > On 2018-07-06 17:50:59 -0500, Derek Martin wrote: > > On Fri, Jul 06, 2018 at 10:54:20PM +0200, Wiktor Kwapisiewicz wrote: > > > If you're sending e-mail to u...@example.com and do a WKD query it > > > would reveal that only to example.com. But you're sending the e-mail > > > there so that user (or their server admins) would already know that > > > after you send that e-mail. > > > > False. It would also potentially reveal that to anyone who was > > operating any part of the network in between your endpoint and the > > example.com endpoint, as well as anyone who was able to subvert some > > aspect of the example.com domain (its DNS, the webserver, etc.) by > > MITM attack or similar. Or... other things. > > If you fear about that, and this: > > > However the mere revelation of who is receiving my messages can be > > just as dangerous, depending on the type of correspondence I'm having. > > then, don't use e-mail, because e-mail will not guarantee the absence > of any leak of the recipient address.
Exactly my point. If you really care about keeping private communications private, do not use e-mail. Working backward from that, there's no reason to bother with encryption on e-mail. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.
pgpCdW4hbvcPS.pgp
Description: PGP signature