Hello world, this is the #OpenPGP #keyserver service at https://keys.openpgp.org!

This account provides a low-volume channel for updates about the service.

Hello world, this is the #OpenPGP #keyserver service at https://keys.openpgp.org tooting!

This account provides a low-volume channel for updates about the service.

Hey y'all.
Just finished setting up my PGP appearance.

Verify here:
https://keys.openpgp.org/vks/v1/by-fingerprint/693DA7FA76F1D0D5EF7B22784FD295C91D2FD033

or here:
https://openpgpkey.nderl.es/openpgpkey/nderl.es/hu/fzzd5wfkthb6hd6e5r5rx4z6to8h6e1e

Testing allowed and appreciated!

feroxib

#pgp
#wkd
#prettygoodprivacy
#openpgp

Ich hab jetzt seit einiger Zeit die #openpgp_verschlüsselung in #thunderbird eingerichtet. Ich habe noch keinen gefunden, der auch verschlüsselt, also den öffentlichen Schlüssel auf einem #openpgp #schlusselserver ablegt. Macht das niemand oder muss ich auch andere Schlüsselserver hinterlegen?

So I've given @mailfence a very quick test on their Free tier.

That seems to be quite reasonable alternative for e-mail services. In som parts it's what I would expect @mailbox_org being. Except of one thing: Unencrypted incoming e-mails will not be stored encrypted.

Since I'm on the free tier currently, I've not tested the IMAP integration.

The weakness of #Mailfence and #Mailbox are that the PGP setup requires some efforts to happen. The "settings" panel on Mailfence is cleaner and better organized than mailbox.org, but the latter one is capable of ensuring all received e-mails are stored encrypted - regardless if it was encrypted at arrival or not.

PGP key management is still not as easy as it should be for non-tech users. "It should just happen automatically", is my stance here. It's close to being good, but you need to explicitly enable encryption on each mail you send - unless you reply to an already encrypted mail. This will confuse users and it will result in more unencrypted mails sent than intended.

Neither Mailfence nor mailbox.org will decrypt encrypted Subject fields.

I've briefly tested the WebDAV integration, which seems to work. But WebDAV is not end-to-end-encrypted, so uploaded data will not be stored in so-called "zero access" mode. This means the Mailfence people managing their servers can access and read your data. This will be the same for CalDAV/CardDAV too (calendar and contacts synching)

Mailbox.org recently announced they will upgrade their login system - which is long overdue. Their OTP setup is currently just confusing and very far from user friendly. Here Mailfence is very straight forward.

Both Mailfence and #mailbox_org still got quite a long way to provide a properly privacy enabled service. They're on a good path, but currently far from the capabilities of @protonprivacy, even on the most basic features in e-mail.

#openpgp traditions and #signal both bind a cleartext identifier, phone number or email address, to a cryptographic key. It opens up attack vectors as the servers/orgs controlling this binding can interfere.

#deltachat avoids such cleartext identity bindings by creating random #chatmail addresses, as transport only. The cryptographic key becomes the identifier and we want it hidden from the transport layer. Only people being in end-to-end encrypted chat need to identify each other, after all.

Email is an open standard! Yet corporate USA has stole it from us. Let's all reclaim our #Email

We need to run our own email servers again and make email a community thing!

Enable running a server from home! Add email servers on .alt, .i2p, & .onion! Support people unable to rent a VPS or get a global domain name! Not everyone has access to a credit card or bank account.

Let's make email open & social again!

Support #OpenPGP!!

Delta Chat es demasiado buena

https://fediverse.tv/videos/watch/21b54e75-f8ae-4a61-919c-a7d264f67b57

Ich wollte mich mal mit #OpenPGP beschäftigen in #Thunderbird, aber kann meine Schlüssel nicht online veröffentlichen.

Fehler beim Senden Ihres öffentlichen Schlüssels an "vks://keys.openpgp.org".

Hat jemand noch diese Probleme beobachtet oder die Probleme?

We are not aware of other FOSS development teams that have as extensive knowledge, both theoretical and practical, about #email and #openpgp and regularly release across all platforms for users world wide ... except for #protonmail with whose technical and security experts we discuss regularly. They are the other major game in town doing pervasive email encryption after all. Did you know that Proton's and delta's VCards are compatible across ecosystems and establish immediate encryption?

@mathilde #chatmail server users don't have these problems because they don't even need to know their password or email address. Messages in delta chat are stored locally and the server only stores them for a limited time, up to 20 days by default, so all devices have a chance to download the message. Blocklists are also not used, the only requirements are #DKIM signature and #OpenPGP encryption.

Remember the old days with key signing parties? I never really got into that but I think with all the "AI" bots we are going to get to a place where we need to have trust networks built on cryptographic keys to filter out the crap.

Note to self: Set up public key and share it.

#GnuPG 2.5.5 (dev) has been released (#OpenPGP / #GPG / #GNUPrivacyGuard / #PGP / #PrettyGoodPrivacy / #Security / #Gpg4win) https://gnupg.org/

The downside of our project approach was that we often got experts being very dismissive on re-using email and #OpenPGP ... and there still is some opposition which often subsides when actually trying #deltachat and #chatmail, looking at security audits and our strong usable security focus.

There may also be surprising upsides. The UK "Online Safety Bill" which attacks end-to-end encryption integrity seems to not apply for ... e-mail. Because everyone knows, e-mail is unencrypted, right? :)