It's time for PGP to die.
peter at digitalbrains.com
Sun Aug 17 12:17:11 CEST 2014
On 17/08/14 11:57, Werner Koch wrote:
> Using this feature it is possible to keep the entire RFC-822 based mail
> infrastructure while using a different transport mechanism. This can be
> done mostly transparently for existing applications using private or
> corporate gateways.
So basically what you're suggesting is:
- MUAs still work with RFC-822 based mail, with a sort of "dummy" envelope that
holds an encrypted MIME message/rfc822 inside with the real metadata. These
MUAs still talk IMAP and SMTP.
- We define a new transport; the message the MUA hands via SMTP is not sent on
with SMTP, but with a different transport that's not quite as leaky with
metadata. This transport ultimately delivers the message to a mailbox server
allowing access over IMAP for the MUA.
Did I interpret it correctly?
BTW: I still think hop-by-hop encryption with TLS, with the certificates
authenticated through something different than the CA system, goes a long way in
thwarting mass surveillance. For massive, passive data trawling surveillance, even
the CA system combined with ephemeral TLS keying might be enough, since it
requires a MITM to intercept TLS with a fake certificate. Ephemeral keys just to
be on the safe side :).
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>