[tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible

[Tor Bug Tracker & Wiki]

#12536: BridgeDB e-mails should be encrypted when possible
--------------------------+------------------
     Reporter:  andrea    |      Owner:  isis
         Type:  defect    |     Status:  new
     Priority:  normal    |  Milestone:
    Component:  BridgeDB  |    Version:
   Resolution:            |   Keywords:
Actual Points:            |  Parent ID:
       Points:            |
--------------------------+------------------

Comment (by bastik):

 I'm just copying here, what I said on ticket #12537 since it belongs here.
 (And I get updates on this)

 (I don't want to open another ticket, because I think it's not worth it,
 but it is related. Since Tor users are expected to check the signature of
 their Tor (or TB) copy with PGP, bridge requesting users could provide
 their public-key in the message body or as attachment and BridgeDB sends
 an encrypted email to them. It's not worth it in my eyes, because PGP has
 to be deployed on the server and fed with user-provided input, in normal
 case the key, which has to be stored at least temporary, what's not making
 me that sad since the adversary would be able to extract the key from the
 email in the first place. The major downside is that if it is optional,
 the adversary will get the bridges from those that do not make use of this
 feature. And if it is forced, this makes it much more difficult for people
 to get bridges. In the case someone things this is still a good idea, I
 don't think that, but I would not mind to open a ticket.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12536#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online