[Cryptography] Dark Mail Alliance specs?
mitch at niftyegg.com
Wed Mar 26 21:42:08 EDT 2014
On Sat, Nov 23, 2013 at 12:11 PM, Stephan Neuhaus <
stephan.neuhaus at tik.ee.ethz.ch> wrote:
> On 2013-11-23, 13:30, Ralf Senderek wrote:
> > People are using the internet, they are typing sensitive information
> > into textareas and send them off, and on the other hand
> > "/usr/bin/gpg" is installed on almost every server, why can't we make
> > Johnny Average use it?
> That is almost exactly the title of a very old paper from 1999's
> Usenix Security. It's called "Why Johnny Can't Encrypt:
> In my opinion, massive user-controlled email encryption will not happen.
> Not now, and not in the next ten years.
One baby step in this is for the likes of Google and Yahoo to make
in user profiles for a GPG signature key set in their system. Not support
message encryption but simple signatures.
This establishes an ethic of universal signed and in the future encrypted
And more importantly exercises key management awareness from user to
Today Google has a "send&archive" button sitting next to a send button.
A sign&send button would be an easy addition. A setup option could
the locality of the key and yes locate in the cloud with a pass phrase
Yes, Baby steps... for sure I had to step on a previous version of this note
because I stumbled on the user interface.
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography