[Cryptography] multi-key encryption of "meta" data

John Kelsey crypto.jmk at gmail.com
Wed Jul 16 16:45:06 EDT 2014


> On Jul 16, 2014, at 9:46 AM, Phillip Hallam-Baker <phill at hallambaker.com> wrote
...
> The missing links that make PGP and S/MIME unworkable from a usability point of view are
> 
> 1) No consistent infrastructure for key discovery
> 2) No mechanism for stating security policy

(2) seems to me to make for a pretty unworkable system for normal people.  I think I could conceivably get my mom, dad, and sister to understand some specific security policy that was more-or-less global, but not to read through a security policy for every recipient they might want to send to.  The security policy that would make sense there would be something like:

a.  If it comes to you with my from: address through this system and shows up, it's really from me (or at least someone with my private key).

b.  Nothing sent through this system can be read by anyone along the way except the listed recipients.  

c.  Nobody can determine that you are sending messages to me or receiving them from me by observing the communications in and out of the system.  

More details should be available for those who want them, but don't require people to know or care about them to use the system securely.

--John

