Vendors with clearnet email

I see more and more vendors with clearnet email on their PGP. Is it save or a serious fuck in OPSEC? In my opinion, if you open and use clearnet email only from TOR it should be save enough


Comments


[6 Points] crondom90:

You can put anything you want as mail when you create a PGP key, often vendors put fake mail.


[3 Points] GrandWizardsLair:

Safe-Mail.net allows access with TOR: thegrandwizardslair@safe-mail.net was created using a TOR connection and has only been accessed with TOR since its inception. We also use Lelantos, an .onion service with a clearnet gateway. Since we've found it nearly impossible to use TOR to create and access GMail, Yahoo, etc. accounts we'd advise against using them: they leave a trail of IP address breadcrumbs back to your RL identity.

Also remember that the e-mail address in a public PGP key doesn't have to be valid and in fact most are not. Our PGP key lists an e-mail address with the now-defunct tormail.org.


[2 Points] ArcherDNM:

Clearnet through tor using PGP should theoretically be ok, but if you are going to use tor anyway, why not use sigaint or another onion mail provider?


[1 Points] None:

Some services like Bitmessage have a clearnet and TOR option. So a lot of bitmessage emails are actually TOR only.