2
I've been using e-mail for over a decade in a regular business environment, but I can not remember having seen any invitation from anybody to GPG sign my e-mails (or somebody who offered to send GPG-signed e-mails). Nevertheless, GPG appears to be the de-facto e-mail signing encryption mechanism.
So my question is: in what kind of environments have you seen GPG being used frequently? I'm thinking in specific industries, or perhaps only within companies where everybody has been trained and has their keys set up. But I'd like to hear from people who have actual experience with this. And is it useful to publish my key and put this in my signature, to see if other 'hidden' users will actually tell me that they also use GPG, or is this not very common among regular business users?
1I'd been signing all my email for years, but as far as I know, no one ever verified a signature, nor asked me for my key. I stopped bothering around the beginning of this year. – Wyzard – 2012-07-20T01:43:50.513
Sorry, but this question isn't asking for one definite answer, but rather leaning towards discussion. This falls under not constructive (please see the [FAQ#dontask]) – as every answer is equally valid. – slhck – 2012-07-20T01:44:54.247
2But GPG signing is used in open-source developer communities, such as the Linux kernel maintainers and the Debian developers, to ensure integrity of submitted code. – Wyzard – 2012-07-20T01:44:56.673
1But if you want to "advertise" that you use GPG, just sign the email you send. The digital signature includes your key ID, so you don't have to include it in the message text. – Wyzard – 2012-07-20T01:46:31.710
Looking at the most popular e-mail clients I would rather say that S/MIME is the standard for e-mail signatures. – Robert – 2012-07-20T08:26:07.967