111 | | GnuPG only encrypts the ''body'' of your email message - not the headers. Therefore, when sending email, your email address, the date of the message, the recipient and other information regarding the transport of your message may be sent in the clear. One solution to that problem is to only work with providers that use [http://help.riseup.net/security/measures/#use_secure_email_providers providers that support starttls] (note: May First/People Link, despite not being included in the list, does use starttls). |
| 111 | * Transactional data. GnuPG only encrypts the ''body'' of your email message - not the headers. Therefore, when sending email, your email address, the date of the message, the recipient and other information regarding the transport of your message may be sent in the clear. One solution to that problem is to only work with providers that use [http://help.riseup.net/security/measures/#use_secure_email_providers providers that support starttls] (note: May First/People Link, despite not being included in the list, does use starttls). |
| 112 | |
| 113 | * Verifying fingerprints. When exchanging public keys, it's important to verify the fingerprints of the keys you are exchanging. |