Perhaps, but I haven't looked closely into what aspects of HTML e-mail clients block or don't (particularly closed-source ones). Historically, I think they've been behind browsers in terms of security and privacy. In any case, plain text is much less likely to be harmful than HTML. Especially given the nature of this project in particular, better safe than sorry, in my opinion. Alain -----Original Message----- From: ciphershed-bounce@xxxxxxxxxxxxx [mailto:ciphershed-bounce@xxxxxxxxxxxxx] On Behalf Of Kyle Marek Sent: Friday, June 13, 2014 19:25 To: ciphershed@xxxxxxxxxxxxx Subject: [ciphershed] Re: Signed HTML emails in the mailing list On 06/13/2014 06:49 PM, Alain Forget wrote: I always deliberately read and write text-only e-mail as a security and privacy precaution. I'm a bit surprised someone is suggesting that people in a security-related mailing list do otherwise. Don't all mail clients block anything that's dynamic in HTML? Mine doesn't even show images by default in fear that an image is going to exploit a buffer overflow, but i still have html (so i still have fonts, boldness, ect.) ________________________________ At the time of sending this message, I have not been contacted by any government official or worker regarding my participation in CipherShed or any related project. I have not been asked to supply any information to them that may be used to impersonate me nor have I been asked to aid the government or it's officials or workers in modifying part of CipherShed or any related project. I am not aware of any of my property or anything regarding me being bugged, searched, or compromised in any way. Anything that accepts PGP encryption or signing should have been cryptographically secured with my PGP key.