More specifically, if I was to attach my public key to every email — even when the recipient doesn’t use PGP.

My assumption is that “life would carry on” and there would be basically no difference but I’m not entirely sure.

the process of using PGP for encrypting content (text messages for example) is something I’m only just started understanding after some reading and practicing

EDIT

Since a couple of people have mentioned it, my email provider provides E2EE between users but it I want to have E2EE with non-users and via my aliases (SimpleLogin) with custom domains I’ll need PGP

  • @mkwt@lemmy.world
    7210 months ago

    —BEGIN PGP SIGNED MESSAGE—

    Side effects include all of your contacts calling you freakin nerd.

    —END PGP SIGNED MESSAGE—

    • sunzu2
      510 months ago

      Hopefully OP gets some weggies after it too tbh

  • @felbane@lemmy.world
    1810 months ago

    Signing every message should have zero effect for people who don’t use PGP; they’ll just have a cryptic block of text at the bottom of the message you sent.

    It’s overkill to ship your pubkey with every email. Most people just publish to a trusted keyserver and call it a day since pretty much every client worth its salt can look up your pubkey directly.

    • @degen@midwest.socialEnglish
      510 months ago

      Please tell me clients handle everything automatically/on the fly…I recently read a comment making a “joke” about the hassle of needing to manually decrypt/encrypt and the tradeoffs of security…and I can’t tell if it was real

  • lemmyngEnglish
    510 months ago

    I don’t know if it’s still the case, but in my experience (years ago) PGP messed with the proper rendering of HTTP email bodies.

    From a security standpoint also, the signature confirming that the email is from your is a double edged sword: Yes, your contacts get to verify that it’s you, but you’re also losing plausible deniability (privacy).

  • @PassingThrough@lemmy.worldEnglish
    510 months ago

    One thing I can think of is an overzealous corporate security solution blocking or holding back your email purely for having an attachment, or because it misunderstands/presumes the cipher-looking text file to be an attempt to bypass filtering.

    Other than that might be curious questions from curious receivers of the key/file they may not understand, and will not be expecting. (“What’s this for? Is this part of the contract documents? Oh well, I’ll forward it to the client anyway”)

    Other than that it’s a public key, go for it. Hard (for me anyway) to decide to post them to public keychains when the bot-nets read them for spam, so this might be the next best thing?

    • Billegh
      310 months ago

      Aside from the giant target on your back from governments that have a harder time reading your emails.