GPG sign VS AutoEncrypt

Is there a way to send “normal” GPG signed (& GPG-encrypted) emails when AutoEncrypt is not available? None of my contacts use AutoEncrypt email apps.

hi, @foxyseta - first of all, welcome aboard!

to be clear and to avoid confusion: the messages sent out by Delta Chat are already “normal” PGP signed&encrypted messages.

however, i get you, to be able to encrypt, Delta Chat needs the public key of the recipient - and that indeed needs an Autocrypt capable client, with at least some support on both sides - without that, things won’t get encrypted (btw, recently, also Thunderbird got some Autocrypt support again)

(the DNA of Delta Chat and Autocrypt is don’t ask users anything about keys, ever :slight_smile: )

there are ideas to accept also attached PGP keys of non-Autocrypt-clients (eg. when address in key and sender address match), however, it was never done in favour of other improvements :slight_smile:

Thanks! That’s very interesting. I went through the FAQs but maybe should have studied the whole Autocrypt thingie, too.

What about signing without encrypting with your own key when the other client is not Autocrypt capable then?

(Addendum: the invite process is DeltaChat-specific, as we are sharing intent-DeltaChat URLs, right? What would the invite process look like across different Autocrypt-capable clients? We exchange .asc files?)

What about signing without encrypting

here are some in-depth considerations wrt signing-only: OpenPGP Considerations, Part I: Signed-Only Mails


This is in fact supported as a setting sign_unencrypted internally, but the setting is not exposed in the UI and can only be enabled by modifying the database manually. It is currently used in tests.


So asking for it to be exposed in the UI (as an opt-in, ofc) as a feature request would be rejected?

We could add sign_unencrypted to advanced settings maybe, but I am not sure which problem it solves. In Delta Chat messages are either secure (which means encrypted and signed, this is also how Autocrypt treats messages) or not. If a message is just signed it will show up without a padlock anyway and is mostly indistinguishable from an unsigned message.

If we were to do that, the recipient would detect all of these messages are at least signed.

up.