It's not that someone can forward your mail unencrypted. It's that in the normal operation of the system, someone taking the natural next step in a conversation (replying) can --- and, in the experience of everyone I've talked to who has used PGP in anger for any extended period of time, inevitably does --- destroy the security of the entire conversation by accidentally replying in plaintext.

That can't happen in any modern encrypted messenger. It does happen routinely with encrypted email.

▲

mjevans 4 days ago | parent | next [-]

Yes, it's a problem with _email_.

pgp as a tool could integrate with that, but in practice fails for... many reasons, the above included. All the other key exchange / etc issues as well.

▲

pheggs 3 days ago | parent | prev [-]

well that's fair, but sounds more like a email client issue than an actual issue with gpg/pgp. My client shows pretty clearly when it gets encrypted. But maybe I am oblivious.

▲

tptacek 3 days ago | parent [-]

I agree that it's an email problem, which is why I wrote a whole article about why email can't be made secure with any reasonable client. But email is overwhelmingly the messaging channel PGP users use; in fact, it's a common-cited reason why people continue to use PGP (because it allows them to encrypt email).

▲

pheggs 3 days ago | parent [-]

out of curiosity, would you like to share why you think it's an email protocol problem? Because I see that more as an email client problem

	▲	akerl_ 3 days ago \| parent [-]
		A protocol that doesn’t enforce security and relies on clients to choose to implement it is a broken protocol, from a security standpoint. Even if secure email clients exist that always make right choices, because you can’t know what client all your recipients are using, all it takes is one person with a “bad” client (which, keep in mind, is a client that accurately implements the protocol but doesn’t enforce additional security rules on top) to ruin things.