On Mon, 28 Dec 2015 09:42:40 -0500 Rich Freeman wrote:
> On Mon, Dec 28, 2015 at 8:11 AM, Kristian Fiskerstrand <k_f@gentoo.org> wrote:
> >
> >
> > [Sent from my iPad, as it is not a secured device there are no cryptographic keys on this device,
> > meaning this message is sent without an OpenPGP signature. In general you should *not* rely on
> > any information sent over such an unsecure channel, if you find any information controversial or
> > un-expected send a response and request a signed confirmation]
> 
> And this would be why I don't bother to sign my emails any longer.
> The FOSS world is still stuck in the days when people ran X11-based
> MUAs and stored their mail in conventional folders.  I've yet to see a
> decent browser-based MUA or Android client which does signing.
> Squirrelmail does, but it is really lacking compared to something like
> Gmail.

YMMW, but I'm perfectly fine with Claws mail on my phone.

Another problem is that this device lacks reliable RNG and faces
threats of baseband processor data interception (as well as all
other phones I'm aware about). So phones/tablets are not suitable
for cryptography anyway.

P.S. We had a good discussion of this on core, but still have no
summary on dev ML.

Best regards,
Andrew Savchenko