[Cryptography] Dark Mail Alliance specs?
Bear
bear at sonic.net
Wed Mar 26 15:45:29 EDT 2014
I don't want to divert you from what may be an entirely useful course,
but I'm firmly of the opinion that interoperability with present email
infrastructure, or even the attempt at it, is fatal to privacy. In
fact even the promise of such interoperability is a strong reason to
NOT trust a new encrypted email application.

By the time you have something that allows email to "sync" seamlessly
across several devices, allows file attachments, allows clickable
URLs to invoke browsers that can execute scripts, can show attached
file contents to a browser so people can use a (script-executing!)
browser to view it, links to external libraries to resolve MIME
types, and uses plugins created for unencrypted systems, you have
introduced at least a dozen gaping holes that some black-hat can and
will drive a tank through.

It does no good to encrypt messages in flight (or even on disk!) if the
application that can read those messages sprays access to them around
indiscriminately to whatever happens to be installed on the user's
machine.

Bear