[Cryptography] Functional specification for email client?

Ray Dillinger bear at sonic.net
Fri Aug 30 19:50:44 EDT 2013


On 08/30/2013 01:52 PM, Jonathan Thornburg wrote:
> On Fri, 30 Aug 2013, Ray Dillinger wrote:
>> 3.  When an email user gets an email, s/he is absolutely sure that it comes
>>      from the person who holds the email address listed in its "from" line.
>>      S/he may or may not have any clue who that person is.  S/he is also
>>      sure that no one else has seen the contents of the email.
>
> This probably needs amending to deal with messages addressed to multiple
> recipients (either cc:, bcc:, or simply multiple to: addresses).
>

Right.

More generally, I was hoping for feedback as to whether this is a design
useful to and usable by ordinary people.

It's fairly straightforwardly implementable as a fully distributed system,
given the notion that "routing information" includes public key.  The only
slightly tricky issue is maintaining the coherence of the per-domain
routing databases among mutually suspicious clients, and there are existing
techniques for that.

It's also compatible with current standards for email payloads, so existing
infrastructure can easily be adapted; in the protocol stack, it looks like
any other MTA.

It can also fairly easily gateway to SMTP, but is not dependent on it.

				Bear




More information about the cryptography mailing list