It's time for PGP to die.

Peter Lebbing peter at
Sun Aug 17 12:17:11 CEST 2014

On 17/08/14 11:57, Werner Koch wrote:
> Using this feature it is possible to keep the entire RFC-822 based mail
> infrastructure while using a different transport mechanism.  This can be
> done mostly transparent for existing applications using a private or
> corporate gateways.

So basically what you're suggesting is:

- MUA's still work with RFC-822 based mail, with a sort of "dummy" envelope that
holds an encrypted MIME message/rfc822 inside with the real metadata. These
MUA's still talk IMAP and SMTP.

- We define a new transport; the message the MUA hands via SMTP is not sent on
with SMTP, but with a different transport that's not quite as leaky with
metadata. This transport ultimately delivers the message to a mailbox server
allowing access over IMAP for the MUA.

Did I interpret it correctly?



BTW: I still think hop-by-hop encryption with TLS, with the certificates
authenticated through something different than the CA system, goes a long way in
thwarting mass surveilance. For massive, passive data trawling surveilance, even
the CA system combined with ephemeral TLS keying might be enough, since it
requires a MITM to intercept TLS with a fake certificate. Ephemeral keys just to
be on the safe side :).

I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list