Support OpenPGP encryption of account email communication

Support OpenPGP encryption of account email communication

Would be nice to be able to upload our OpenPGP public key to our account management page and all emails are then encrypted.

1 Like

Why do you need in-game messages to be encrypted?
(other than the cool factor)

It’s not for ingame messages, it’s for ACCOUNT MANAGEMENT emails, such things like account confirmation links and payments, support and so on.

For your external account emails.


1 Like

At what point is your email traffic not encrypted already?

At the endpoint inbox by the email MTA provider.

That’s the point of it. End to End User to User encryption. And even MTA-STS can fallback to clear for transport depending upon MTA policy, but OpenPGP is not about MTA to MTA, it’s about E2EE.

You miss the purpose of OpenPGP and are placing your trust on MTA providers which ARE monitored heavily and surveilled and data mined, even if you use MTA-STS encrypted transport, it is the MTA operator that is doing the data dipping. Unless you are running your own MTA and control the policy and “at rest” data encrypted, you are at risk. Not to mention MTA operators also get compromised too and thus your emails are at risk that way also.

On top of that there is also the added benefit of non-repudiation and digital signatures (content hash), DKIM is only for MTA to MTA signing and short lived rotating keys and thus not designed for non-repudiation. OpenPGP signatures are for non-repudiation and verification of identity of the end user.

CCP don’t even S/MIME sign their emails.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.