Is it possible to include the sender's own public key as part of a
detached OpenPGP signature?
When Thunderbird sends a signed email, it wants to include the sender's
public key by default, to ensure that the recipient has it available.
Thunderbird sends the key as an attachment.
We received a surprisingly high number of complaints from users. who are
unhappy about having attached the key by default. Apparently having the
extra public key attachment causes confusion on the recipient side, with
users not understanding what the attachment is about.
However, I haven't heard complaints about the signature attachment -
which is shown by MUA that don't support OpenPGP. The signature
attachment appears to be less of a problem or confusion.
If it were possible to include the sender's public key inside the
signature, Thunderbird could use a single attachment for both.
Thanks,
Kai
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp