Web Key Directory - Web Key Directories provide an easy way to discover public keys through HTTPS. They provide an important piece to the infrastructure to improve the user experience for exchanging secure emails and files. In contrast to the public keyservers a Web Key Directory does not publish mail addresses. And it is an authoritative pubkey source for its domain.
We believe privacy is a human right.
Add the secure contact form to your website in minutes, no coding required.
It encrypts the message with PGP (client-side) and sends it on to the mail account. A user who does not use PGP can send fairly secure mails to PGP-users. A simple vanity-style URL can be given to such users for easy access to the secure contact form.
The topic of that paper is that HTML is used as a back channel to create
an oracle for modified encrypted mails. It is long known that HTML
mails and in particular external links like <img href="tla.org/TAG"/>
are evil if the MUA actually honors them (which many meanwhile seem to
do again; see all these newsletters). Due to broken MIME parsers a
bunch of MUAs seem to concatenate decrypted HTML mime parts which makes
it easy to plant such HTML snippets.
There are two ways to mitigate this attack
- Don't use HTML mails. Or if you really need to read them use a
proper MIME parser and disallow any access to external links.
- Use authenticated encryption.
Efail: Was Sie jetzt beachten müssen, um sicher E-Mails zu verschicken
2 WITH PRETTY EASY PRIVACY (P≡P) SUPPORT BY DEFAULT FOR NEW USERS
Per PGP lassen sich E-Mails zwischen zwei Personen verschlüsseln - und sind sowohl auf dem Server des Anbieters, als auch auf der Reise durchs Internet vor fremden Blicken sicher.