sirdarckcat
commented
7 years ago Hi
In it's current form, there is no spam detection.
We expect that if OpenPGP becomes very popular, spammers will quickly follow, however most email clients are already able to detect spam even without access to the plaintext, based on IP, sender, subject, etc.
If SPAM becomes too much of a concern, we have considered a few approaches, from product changes (manage whitelist of senders) to reputation changes (based on our key distribution strategy) all the way to crazy crypto design (based on threshold encryption and homomorphic encryption).
But as said before, they aren't implemented as they aren't a concern right now, because of the overwhelming minority of OpenPGP users.
Hello-hello,
Looking forward into the future, how does the model address an issue of spamming? I expected that to be explained in the Denial of Service part of the threat model.
Are you looking into client-based spam detection?