diff options
Diffstat (limited to 'content/entry/goodbye-pgp.md')
| -rw-r--r-- | content/entry/goodbye-pgp.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/content/entry/goodbye-pgp.md b/content/entry/goodbye-pgp.md index 579385e..0b1f89d 100644 --- a/content/entry/goodbye-pgp.md +++ b/content/entry/goodbye-pgp.md @@ -61,7 +61,7 @@ The OpenPGP format combines [compression and encryption](https://security.stacke ## No Deniability PGP does not have [cryptographic deniability](https://en.wikipedia.org/wiki/Deniable_encryption) even though it could be implemented. Anyone who receives a signed message from you can prove to others you sent it. -For email encryption, it hardly even matters that PGP lacks deniability. Any half decent email server uses DKIM anyways, which can and has been used to prove email provenance. Unless your email provider rotates and publishes DKIM keys, and most don't, then your emails aren't deniable. +For email encryption, it hardly even matters that PGP lacks deniability. Any half decent email server uses DKIM anyway, which can and has been used to prove email provenance. Unless your email provider rotates and publishes DKIM keys, and most don't, then your emails aren't deniable. There's also contextual information in the email content along with metadata and IP logs that prove your emails are yours. So the addition of a PGP signature probably doesn't make a practical difference. |