Why I Stopped Signing my Emails
2021 October 12
At one point in time, I would attach an OpenPGP signature to all of my unencrypted emails.
Why I did this
- to indicate to my contacts that I used OpenPGP, so it was possible to encrypt emails for me
- to allow the recipient of each email to verify the authenticity and integrity of the email
Why I stopped
- People who don't already use OpenPGP don't bother (or generally know how) to verify signatures.
- The fact that I attached little mysterious files to my emails worried and confused people.
- What I actually want is for most of my communication to be off-the-record. Signing my emails made them non-repudiable, which is not a property I desire.
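The non-repudiation point in the last item, as an added example that is not part of the original post: a signature can be checked by anyone holding the public key, while a tag made with a shared key can be produced by the recipient too, so it proves nothing to a third party. Assumptions: a Lamport one-time signature over SHA-256 stands in for an OpenPGP signature so the block needs only the standard library, an HMAC stands in for deniable authentication, and the names Alice and Bob and both messages are constructed.

```python
import hashlib, hmac, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def digest_bits(msg: bytes) -> list:
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature (assumption: stands in for an OpenPGP signature).
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def lamport_sign(sk, msg: bytes) -> list:
    # Reveal one secret preimage per digest bit; only the sk holder can do this.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def lamport_verify(pk, msg: bytes, sig: list) -> bool:
    # Uses the public key only, so any third party can run this check.
    if len(sig) != 256:
        return False
    return all(H(s) == pk[i][bit]
               for i, (bit, s) in enumerate(zip(digest_bits(msg), sig)))

# Shared-key MAC: both correspondents hold the same key.
def mac_tag(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def mac_verify(key: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(key, msg), tag)

def demo() -> dict:
    real = b"Lunch at noon?"              # constructed: what Alice sent
    fake = b"I agree to pay Bob 1000."    # constructed: Alice never wrote this
    sk, pk = lamport_keygen()             # Alice keeps sk, publishes pk
    sig = lamport_sign(sk, real)
    shared = secrets.token_bytes(32)      # known to Alice and to Bob
    tag = mac_tag(shared, real)
    return {
        # Signed mail: Bob can show (real, sig) to anyone and it checks out,
        "third_party_accepts_signature": lamport_verify(pk, real, sig),
        # and Bob cannot move that signature onto text of his own.
        "bob_can_forge_signature": lamport_verify(pk, fake, sig),
        # MAC'd mail: Bob is convinced, since only he and Alice hold the key,
        "bob_accepts_mac": mac_verify(shared, real, tag),
        # but Bob can tag any text himself, so a valid tag binds nobody.
        "bob_can_forge_mac": mac_verify(shared, fake, mac_tag(shared, fake)),
    }
```

Calling demo() returns the four results as booleans; the signature case is the one that leaves the sender with a transcript they cannot later disown.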
I've generally given up on OpenPGP. We should have collectively learned in 2004 to stop using it for private communication.