Why can't my mom email me?

keys.openpgp.org operator here. He uploaded his key and verified his address, it&#x27;s discoverable, and people use it to send encrypted email. As far as we&#x27;re concerned, that&#x27;s not a bug, that&#x27;s a feature.<p>Now, it is debatable whether the ecosystem is ready to be doing this at (some) scale by default. I agree it&#x27;s not, dealing with e2e encrypted email is a less convenient experience than plaintext for most users. But not all - case on point, with Proton it&#x27;s fine.<p>It&#x27;s a valid question how opt in our out should work, with lots of implications and stakeholders involved. For better or worse, the status quo is that there is no signaling mechanism in openpgp (or keys.openpgp.org) at the moment to specify how a key should be used, so publishing a key is just a yes or no situation.<p>If op wants to offer encrypted email as a possible means of communication, but explicitly on an opt in basis, I would recommend a separate email address (or a tag, e.g. +encrypt) for that purpose.

If I didn’t want people to encrypt mail to my pgp key I would simply not upload it to a public pgp key directory.<p>Honestly, what is the complaint here? If you don’t want people to use certain contact info don’t put it on the open internet.<p>To get your key in that key server not only do you have to submit it you have to verify it via email. It’s literally… to spread it widely… to anyone who wants it… so they can send you encrypted mail. That’s the entire purpose of the thing.<p>Like if i put my phone number on a billboard I have no right to complain when I get calls.<p>Take responsibility for your actions.<p>“ However long we postpone it, we eventually lie down alone in that notoriously un- comfortable bed, the one we make ourselves. Whether or not we sleep in it depends, of course, on whether or not we respect ourselves.” Joan Didion <a href="https:&#x2F;&#x2F;www.vogue.com&#x2F;article&#x2F;joan-didion-self-respect-essay-1961" rel="nofollow">https:&#x2F;&#x2F;www.vogue.com&#x2F;article&#x2F;joan-didion-self-respect-essay...</a>

The Fastmail article linked my Mr Duggan [0] is also worth a read, they provide a sober and reasonable overview of why they don&#x27;t offer PGP. Of course, Australia has a quietly privacy-phobic regulatory regime so we can guarantee [1] that Five Eyes countries and possibly others are reading emails sent through Fastmail. Cost of doing business really, I use Fastmail.<p>Fact is that there isn&#x27;t a way to use a convenient 3rd party email provider if you want secure emails. Only local clients can provide that feature - which means both sides of the message have to be using trusted local clients, and at some point one side of the conversation will forget their secret and lose access to their email history. It is a tough problem.<p>[0] <a href="https:&#x2F;&#x2F;www.fastmail.com&#x2F;blog&#x2F;why-we-dont-offer-pgp&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.fastmail.com&#x2F;blog&#x2F;why-we-dont-offer-pgp&#x2F;</a><p>[1] <a href="https:&#x2F;&#x2F;www.bbc.com&#x2F;news&#x2F;world-australia-46463029" rel="nofollow">https:&#x2F;&#x2F;www.bbc.com&#x2F;news&#x2F;world-australia-46463029</a>

Related research:<p>* Why Johnny can&#x27;t encrypt (1995): <a href="https:&#x2F;&#x2F;people.eecs.berkeley.edu&#x2F;~tygar&#x2F;papers&#x2F;Why_Johnny_Cant_Encrypt&#x2F;OReilly.pdf" rel="nofollow">https:&#x2F;&#x2F;people.eecs.berkeley.edu&#x2F;~tygar&#x2F;papers&#x2F;Why_Johnny_Ca...</a><p>* Why Johnny still can&#x27;t encrypt (2006): <a href="https:&#x2F;&#x2F;cups.cs.cmu.edu&#x2F;soups&#x2F;2006&#x2F;posters&#x2F;sheng-poster_abstract.pdf" rel="nofollow">https:&#x2F;&#x2F;cups.cs.cmu.edu&#x2F;soups&#x2F;2006&#x2F;posters&#x2F;sheng-poster_abst...</a><p>* Why Johnny still, still can&#x27;t encrypt (2016): <a href="https:&#x2F;&#x2F;arxiv.org&#x2F;pdf&#x2F;1510.08555.pdf" rel="nofollow">https:&#x2F;&#x2F;arxiv.org&#x2F;pdf&#x2F;1510.08555.pdf</a><p>At this point I really wonder if e-mail is the best solution for encrypted asynchronous communication. E2E systems like Signal or Whatsapp offer a very functional, intuitive way to protect your texts.

In summary (quoting OP): &quot;the act of uploading a OpenPGP-compatible key seems to trigger Protonmail service to send end-to-end encrypted message&quot;

I personally think S&#x2F;MIME is better than PGP. The &quot;key exchange problem&quot; is solved more pragmatically and user-friendly (send an unencrypted but signed email once, your&#x2F;their client will automatically remember keys for encryption afterwards). And most pre-installed email clients support S&#x2F;MIME natively (e.g. Apple Mail, Outlook, even the web email apps).<p>The only annoyance is that it&#x27;s too difficult to acquire a certificate as an individual, but e.g. Actalis [1] will issue one for free.<p>[1] <a href="https:&#x2F;&#x2F;www.actalis.com&#x2F;s-mime-certificates.aspx" rel="nofollow">https:&#x2F;&#x2F;www.actalis.com&#x2F;s-mime-certificates.aspx</a>

I have a web form on my website which is used mainly by spammers and my Dad. So when he can&#x27;t seem to email me, there is always a backup that works. Parents demand highly redundant systems of their techno offspring.

keys.openpgp.org seems to claim that keys aren&#x27;t searchable by email until the email is verified. Did you ever verify the email with them? If not something is going wrong. Maybe there is a problem in the service or maybe Proton Mail is working off of a dump and ignoring the &quot;is verified&quot; bit.<p><a href="https:&#x2F;&#x2F;keys.openpgp.org&#x2F;about&#x2F;usage#gnupg-upload" rel="nofollow">https:&#x2F;&#x2F;keys.openpgp.org&#x2F;about&#x2F;usage#gnupg-upload</a>

On a related topic, I wish someone would implement &quot;user-encrypted-at-rest&quot; to protect me from the provider getting breached.<p>I don&#x27;t care so much for the transit, but I&#x27;m a bit worried about the fact that I have many years of emails stored in &quot;plaintext&quot; (citation makes because they probably use FDE and maybe other encryptions but they can still read everything) on the providers server.<p>I&#x27;m not worried about a malicious provider, but worries they might at some point make a mistake which allows them to be hacked.<p>If anyone knows any solutions for this that works in iOS&#x2F;Mac I&#x27;d love to hear.<p>The only thing I&#x27;ve found on this is some research a few years ago with ideas how to do this; but I haven&#x27;t seen any implementations of it. I&#x27;ve linked to it here: <a href="https:&#x2F;&#x2F;www.cs.columbia.edu&#x2F;~koh&#x2F;papers&#x2F;koh-eurosys19-e3_easy_email_encryption-final.pdf" rel="nofollow">https:&#x2F;&#x2F;www.cs.columbia.edu&#x2F;~koh&#x2F;papers&#x2F;koh-eurosys19-e3_eas...</a>

I actually like this behavior ... If you have a key, use it!

&gt; It outlines an enrollment process by which I would signal to a WKD service that I have a key that I want to enroll into the process. The only problem is I never did that, or at least certainly can&#x27;t remember doing that. I&#x27;m certainly not hosting a page with any key verification stuff.<p>The post includes the above statement that this person never took the steps required for following the standard Proton states they are following. This communicates to me that Proton is not following any standard. This is something publicly visible and on a grander level fairly simple to discover <i>compared to other issues related to E2E encryption.</i> I don&#x27;t trust Proton or really any organization to manage E2E for email, and among the biggest issues is that email just seems like the wrong tool for the job.<p>Another issue I have with encrypted email is what to do about spam. If the server can&#x27;t inspect the contents of the message, the probability of a &quot;success&quot; on the part of the spammer is significantly higher. Public keys can be published for addresses that have very high limitations (e.g., 1KB size limit, strict mail policy standards enforcement, whitelists, etc.). How Proton plans to deal with this an average person, I have no idea, but I imagine a lot of people will be scammed in their discovery process.

Hate to badmouth them: but they are definitely broken recently (one full month at least). I get long term contacts fine from things like AWS, but multiple new people i have not contacted before just do not get anything, complete silent failure (with @proton.me) with no indication that my contact received nothing. I created an alias using @protonmail.com and that worked to new people

The current email protocols can’t be easily encrypted. There are multiple providers and clients that are not compatible, you often have to put people in copy that don’t have public keys, or get replies in plaintext, you may want the content accessible to different people for documentation or legal purposes, some functionality will be broken or become hard to use, it’s asynchronous, and there is simply little demand for privacy from the providers.<p>The use cases are currently niche, in places like dark web.

these kinds of stories are such a joke, why can i not just give someone my public key and that should be enough to communicate with him forever? how is that not user friendly? because he can lose the key? you just give it again. you just use some decentralized protocol with a DHT or something and the only step the user ever has to do is get the public key of the person he wants to add. net result is far better off than nonsense like email, dns, and x509. and i had this exact same rant 15-20 years ago too, it&#x27;s amazing how everyone is still chasing the same carrot.

Older generations tend to use Messengers like whatsapp. E-Mail has some Henry barriers often to high for them. Would be great to have an email app as simple as whatsapp

If there is one thing I absolutely want to keep out of the big techs and governments surveillance data lakes its conversations with my mother. What will become of the world if we can’t even talk with our mothers without it being taken as a chance by some extrafamilial power to exert some behavioral modification.

Use signal.

So if I understand correctly:<p>- Proton uses WKD for keys outside its own domain<p>- OP <i>didn&#x27;t</i> activate WKD for their own key (there is no CNAME)<p>- But Proton still assumed that it was activated, that their key was on keys.openpgp.org and that it was valid<p>It is hard for me to see how this is not a fault with Proton and Proton only. If the user didn&#x27;t opt-in, don&#x27;t opt-in for them !