On Wed, 10 May 2000, sen_ml(_at_)eccosys(_dot_)com wrote:
> i would guess there have been cases of people who thought they had
> encrypted or signed a message before sending it, but it turned out
> they hadn't. i have a vague recollection of this being mentioned in a
> recent pgp usability study (perhaps someone can confirm).

IMHO, an MTA which rejects unencrypted mails would be a better
alternative to protect against such kinds of failures. It may look
at some headers to detect ML replies and use a table of
addresses which are allowed to receive unencrypted mail. Or reject
everything unless a specially formed address is used (which the MTA
substitutes for the real address).
Werner
--
Werner Koch OpenPGP key 621CC013
OpenIT GmbH tel +49 211 239577-0
Birkenstr. 12 email wk(_at_)OpenIT(_dot_)de
D-40233 Duesseldorf http://www.OpenIT.de
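
A sketch of the outbound policy proposed in the message above, as an added example that is not code from the original post or from any MTA. The exemption table, the `+cleartext` address marker and the `check` function are assumptions made for illustration; header-based detection of mailing-list replies is not modelled.

```python
from email import message_from_string

CLEARTEXT_OK = {"announce@lists.example.org"}  # assumed table of exempt recipients
OVERRIDE_TAG = "+cleartext"                    # hypothetical "specially formed" marker
ARMOR = b"-----BEGIN PGP MESSAGE-----"

def is_encrypted(msg):
    """PGP/MIME (RFC 3156) or a body that is one ASCII-armored PGP message."""
    if msg.get_content_type() == "multipart/encrypted":
        proto = msg.get_param("protocol")
        return isinstance(proto, str) and proto.lower() == "application/pgp-encrypted"
    if msg.is_multipart():
        return False  # mixed containers may carry cleartext parts
    body = msg.get_payload(decode=True) or b""
    # Armor alone does not prove encryption (it can wrap signed-only data);
    # a stricter filter would parse the OpenPGP packets.
    return body.lstrip().startswith(ARMOR)

def check(raw, rcpt):
    """Return (verdict, envelope recipient to deliver to)."""
    rcpt = rcpt.strip().lower()  # simplification: treats local parts as case-insensitive
    local, _, domain = rcpt.rpartition("@")
    if local.endswith(OVERRIDE_TAG):  # sender explicitly asked for cleartext
        return "accept", local[: -len(OVERRIDE_TAG)] + "@" + domain
    if rcpt in CLEARTEXT_OK or is_encrypted(message_from_string(raw)):
        return "accept", rcpt
    return "reject", rcpt

# Constructed sample messages (not real mail; the armored body is a placeholder).
HDR = "From: a@example.org\nTo: b@example.org\nSubject: test\n"
PLAIN = HDR + "\nthe secret plan\n"
SIGNED = HDR + "\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nhello\n"
INLINE = HDR + "\n-----BEGIN PGP MESSAGE-----\n\nPLACEHOLDER\n-----END PGP MESSAGE-----\n"
PGPMIME = (HDR + 'Content-Type: multipart/encrypted; boundary="x";\n'
           ' protocol="application/pgp-encrypted"\n\n--x\n'
           "Content-Type: application/pgp-encrypted\n\nVersion: 1\n--x--\n")

if __name__ == "__main__":
    for name, raw in [("plain", PLAIN), ("signed", SIGNED),
                      ("inline", INLINE), ("pgpmime", PGPMIME)]:
        print(name, check(raw, "b@example.org"))
    print("override", check(PLAIN, "b+cleartext@example.org"))
```

The override branch returns the rewritten recipient, so a sender who forgot to encrypt gets a rejection instead of a silent cleartext delivery unless the marker was typed deliberately.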