[Enigmail] Default encryption key.

Robert J. Hansen rjh at sixdemonbag.org
Mon Jun 2 15:10:25 PDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

First, let me start off by agreeing with John.  This is an error in some
documentation.  My remarks are additions, not disagreements.

| Obscuring key IDs serves little purpose for security though it does
| hinder folks from pointing out obvious errors.

And, in a larger sense, it's a security diminishment.  It seems that
most people who throw key IDs do so out of some thought that it makes
them more secure, more confidential, more... more /something/, but
without a clearly defined security threat and throwing key IDs as a
clearly articulated response to that threat.

This is a bigger problem than just throwing key IDs.  Pretty much
everything in GnuPG is the same way.  People want to tweak the system
for the "best" security profile without first establishing a threat
model.  It just doesn't work that way.  Throwing a bunch of features
that "feel right" at the problem is unlikely to do anything except make
the user feel good and thus lull them into a false sense of security.

For years I've said GnuPG is too large a software package for my liking.
I would like it an awful lot if GnuPG supported only 3DES for sending
symmetric traffic, only DSA1024/2048 for signature algorithms, only
ElG2048 for asymmetric crypto, and only SHA1/SHA256 for digests.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

-----END PGP SIGNATURE-----

