Import public keys

Currently, it is only possible to get someones public key into DeltaChat if the person uses an AutoCrypt-capable MUA (i.e. DeltaChat). If there was an option to not only import private, but also public keys, wouldn’t that enable DeltaChat-users to communicate encrypted with non-Autocrypt-users in one to one chats?


A great deal of Delta-Chat users care about encryption. Therefore, a good quantity of them have been encrypting before and might even already went through the pain of importing the public keys of their corespondents and verifying their fingerprints and all that.
A big advantage of DC over other messenger I see is that it is not exclusive. What I mean is that one is not forced to use DC in order to communicate with DC-users. But this is broken when one wants to communicate encrypted: The non-DC user may need to install another mail-client or plugins into their thunderbird, which I think is no good UX.

Add compatibility for 3rd-party key-storage?

This had been brought up before (for slightly different reasons): Using third-party key management (at least on android/mobile). Being able to optionally(!) use a 3rd party key-storage like a gpg-keyring on desktops or OpenKeyChain on Android would solve above problem, plus it would remove the necessity of importing and exporting keys. Just check the box and everything works.


I was invited here following a discussion I opened on Mastodon.

I would consider myself a user of GPG encryption prior to using DeltaChat and familiar with setting up keys, encrypting files and emails, etc.

I find the ease of use of DeltaChat to be excellent and agree with the principles of AutoCrypt in general. I could see corner cases for users like me who would like to import known public keys they have exchanged with contacts prior to using DeltaChat, knowing that these contacts don’t use AutoCrypt enabled clients or assuming they don’t.

I have no suggestions to make regarding the technical solutions. I would favor a cross-platform solution.

Another corner case I would like to propose for contideration outside of AutoCrypt regular usage:

There is a short list of known secure email providers that use GPG to secure communications between their subscribers. I suppose they might have registries of public keys for each subscribers. Would it make sense, for those know service providers only (since most have not implemented AutoCrypt) to fetch public keys for each contact that use them, prior to sending them a series of message?

Just my 2 cents.