PGP encrypted Proton Mail addresses dox themselves when using SimpleLogin's reverse aliases by including the underlying email in the attached publickey's filename. For example: "publickey - doxxed-email@proton.me - 0xDEADBEEF.asc"
It would be great to get any of, or a combination of, the following:
1. Remove the identifiable substring from the publickey attachment's filename to avoid disclosing the underlying Proton Mail address: "publickey - 0XDEADBEEF.asc".
2. Refrain attaching public keys to any reverse aliases since the shared public key can link aliases together. Proton Mail is aware of aliases with mailboxes pointing back at the underlying Proton mailbox. I'm sure it's feasible to check if the outgoing message is to a SimpleLogin alias.
3. Each alias has its own PGP key to permit unique encryption for each alias. However, this would require a more intimate integration between SimpleLogin and Proton Mail than the other two options but it would definitely provide the most value.
rr
+100
PGP encrypted Proton Mail addresses dox themselves when using SimpleLogin's reverse aliases by including the underlying email in the attached publickey's filename. For example: "publickey - doxxed-email@proton.me - 0xDEADBEEF.asc"
It would be great to get any of, or a combination of, the following:
1. Remove the identifiable substring from the publickey attachment's filename to avoid disclosing the underlying Proton Mail address: "publickey - 0XDEADBEEF.asc".
2. Refrain attaching public keys to any reverse aliases since the shared public key can link aliases together. Proton Mail is aware of aliases with mailboxes pointing back at the underlying Proton mailbox. I'm sure it's feasible to check if the outgoing message is to a SimpleLogin alias.
3. Each alias has its own PGP key to permit unique encryption for each alias. However, this would require a more intimate integration between SimpleLogin and Proton Mail than the other two options but it would definitely provide the most value.