So it’s possible to PGP encrypt all forum correspondence via email? My key + the “bot” key to sign/verify and encrypt/decrypt?
idk, i never used mailing list discourse function
Sadly, I’d say no. But look on meta.discourse.org. Maybe it’s something the developers are thinking about?
I apologize for the comment, but it might be actually useful to me to realize aspects I am not aware of, by getting the answer to the question: what is the actual purpose of getting encrypted emails from the publicly available forum?
1 Like
To be clear, I didn’t start this thread. Apparently other people are allowed to start threads under another user’s name (so called “splitting”?). It would be nice if the person who appears to be the OP in a given thread was contacted prior to creating such a thread.
Anyway… I suppose one useful aspect of encrypted transmission of “public” email would be anonymity. While PGP encrypted personal email affords users more privacy, public email postings aren’t just an archive of postings. They also entail the transmission of content.
My understanding is that email passes through many points in a network on its way to a recipient. Email content can easily be snooped along the way if it isn’t encrypted, which might perhaps make it easier to correlate public content of an email with certain IP addresses, potentially exposing the source of that email.
So even if someone has a random username and/or email address displayed on public postings, their anonymity could potentially be threatened during the transmission of those postings - a kind of breadcrumb trail leading back to certain IPs (or at least narrowing down the pool of candidates).
I think the real question is why isn’t email encrypted by default? HTTPS is now extremely common place and the benefits of encrypting network traffic for websites is well known. What exactly are the benefits of not encrypting email? Convenience? I suppose TLS isn’t convenient either, but once it’s set up, it’s a non-issue. Once email is set up to encrypt between two parties who have each other’s public keys, it’s trivial.
1 Like
That’s a questions that is well beyond the original purpose of the thread. I would politely ask you to seek an answer elsewhere.
If you wish this functionality to be added to discourse, post one meta.discourse.org
if you wish to discuss the meta-implications of not having end-to-end encryption in email, this is not the place.
That’s a questions that is well beyond the original purpose of the thread.
It was an incidental remark in my response to a question that was well within the scope of the thread you created.
I would politely ask you to seek an answer elsewhere.
It was rhetorical.
Fair enough. It’s sometimes hard to tell them apart with text only.
1 Like