Autocrypt - Wikipedia

Just reading in-depth and trying to understand the security model of Delta.Chat a bit more… There’s a few things that really concern me about how Delta.Chat which relies on Autocrypt work:

• There is no Perfect Forward Secrecy
  
• No verification of keys
  
  • Is therefore susceptible to Man-in-the-Middle attacks
    
• Metadata is a BIG problem with Delta.Chat:
  
  • The To and From and Date are trackable by your Mail provider (amongst many other headers)
    

Hmmm 🤔 cc @deebs@twtxt.net

Sorry if anyone saw my last Yarn here… I deleted it, I was wrong. Looks like everything is encrypted attachments phew but my other concerns above still stand.