[Cryptography] Good private email
Alexandre Anzala-Yamajako
anzalaya at gmail.com
Mon Aug 26 12:44:13 EDT 2013
This is everything *but* PRISM-proof : it doesn t solve the metadata issue
and your directory server containing public keys could very well be forced
by a law enforcement agency ( in the best case scenario because it could
also be the mafia) to answer the fbi/mafia public key on any request made
to it.
On Monday, August 26, 2013, Richard Salz wrote:
> I don't think you need all that much to get good secure private email.
> You need a client that can make PEM pretty seamless; reduce it to a
> button that says "encrypt when possible." You need the client to be
> able to generate a keypair, upload the public half, and pull down
> (seamlessly) recipient public keys. You need a server to store and
> return those keys. You need an installed base to kickstart the network
> effect.
>
> Who has that? Apple certainly; Microsoft could; Google perhaps
> (although not reading email is against their business model). Maybe
> even the FB API.
>
> It's not perfect -- seems to me the biggest weakness is (a) the client
> could double-encrypt for TLA's to read, or (b) it could give you the
> wrong key so your mail only goes to the bad guy -- but it's a hell of
> a lot better than we have now and I'd say it's more than good enough.
>
> Thoughts?
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com <javascript:;>
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
--
Alexandre Anzala-Yamajako
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130826/711c4cb9/attachment.html>
More information about the cryptography
mailing list