[Cryptography] DIME // Pending Questions // Seeking Your Input

Christian Huitema huitema at huitema.net
Thu Mar 5 22:56:02 EST 2015


> Let's compare DIME with a fairly minimal and simple email encryption
> environment. In our simple environment encrypted email is sent over
> normal email channels. There are public key "signet"s for the users,
> which are kept in a distributed directory on a server somewhere.

The DIME transmission itself appears to be a minimal form of onion routing:
the sender passes it to the sender agent, which encapsulates it. The sender
only tells the sender agent about the next step, the receiver's agent. So
the sender agent forwards that to the receiver agent, which then passes it
to the actual receiver.

I believe we should be able to achieve something similar using a kind of
"postmaster" convention:

Inner message: from Alice at sender.net to Bob at receiver.net. Alice encrypts it,
so that Bob can decrypt.
Alice places the message in an envelope, from postmaster at sender.net to
Bob at receiver.net. Alice encrypts, postmaster at receiver.net can decrypt.
Alice submits the message to postmaster at sender.net, asks postmaster to send
it to receiver.net.
Postmaster at sender.net agrees to send it, places message in an envelope from
postmaster at sender.net to postmaster at receiver.net.
Postmaster at receiver.net decrypts the outer envelopes, forwards the inner
envelope to Bob.

Thinking of that as a form of onion routing allows for further extensions...

As for the signets, that may be the most interesting contribution. If done
right. If we can indeed solve distribution of user keys, then lots of good
things happen. But we have to keep it simpler than the initial DIME spec.
 
-- Christian Huitema
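
The postmaster convention described in the message above, as an added example that is not part of the original post: it models which party can open which layer and which addresses appear at each hop. The seal()/unseal() helpers are hypothetical stand-ins for public-key encryption (no real cryptography), and the addresses are the post's names written in user@domain form.

```python
# Added model of the nested "postmaster" envelopes. seal()/unseal() are
# stand-ins for public-key encryption: no real cryptography happens here.
from dataclasses import dataclass

ALICE, BOB = "Alice@sender.net", "Bob@receiver.net"
PM_SENDER, PM_RECEIVER = "postmaster@sender.net", "postmaster@receiver.net"

@dataclass(frozen=True)
class Sealed:
    recipient: str   # only this party can open the layer
    content: object

@dataclass(frozen=True)
class Envelope:
    sender: str
    to: str
    body: object     # message text or a Sealed layer

def seal(recipient, content):
    return Sealed(recipient, content)

def unseal(who, layer):
    if who != layer.recipient:
        raise PermissionError(f"{who} cannot open a layer sealed to {layer.recipient}")
    return layer.content

def alice_submits(text):
    # Inner message: Alice -> Bob, readable by Bob only.
    inner = seal(BOB, Envelope(ALICE, BOB, text))
    # Envelope: postmaster@sender.net -> Bob, readable by the receiving postmaster.
    middle = seal(PM_RECEIVER, Envelope(PM_SENDER, BOB, inner))
    # Alice names only the next hop's domain to her own postmaster.
    return middle, "receiver.net"

def sender_postmaster(blob, next_domain):
    # Outer envelope as seen on the wire between the two domains.
    return Envelope(PM_SENDER, f"postmaster@{next_domain}", blob)

def receiver_postmaster(outer):
    middle = unseal(outer.to, outer.body)
    return middle.to, middle.body   # local recipient, still-sealed inner message

def deliver(text):
    outer = sender_postmaster(*alice_submits(text))
    rcpt, inner = receiver_postmaster(outer)
    return outer, rcpt, inner, unseal(rcpt, inner)
```

In this model the envelope between the two domains carries only postmaster addresses, the sending postmaster learns the destination domain but not Bob, and the receiving postmaster learns Bob but not Alice.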





