symmetric email encryption
2014-667rhzu3dc-lists-groups at riseup.net
Sat Jul 19 17:51:23 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
On Friday 18 July 2014 at 11:34:19 PM, in
<mid:1460534.5JfKcsUOYz at thufir.ingo-kloecker.de>, Ingo Klöcker wrote:
> Sure. But the NSA already knows the correspondents of
> all of our mail anyway. Keyserver lookups do not add
> any additional data (except of the information that you
> are trying to look up a key resp. that you are talking
> to a keyserver).
Time of use is a big piece of information that a keyserver lookup
could add. And, maybe, IP address, operating system, software...
> Good point. Automatic decryption should be possible for
> those that want it. My scheme is mostly meant as
> in-transit encryption which again is way better than
> our current status quo.
And the choice whether to store their emails encrypted or decrypted.
Storing decrypted could be an issue, especially if the emails are
stored on a server rather than the user's machine.
> Peter Lebbing wrote:
>> An e-mail system with a default big usability issue
>> will get swapped out for a more pleasant to use one.
It might, but Outlook is in widespread use despite major usability
> Peter Lebbing wrote:
>> Finally, I think people might take issue with their
>> e-mail address automatically being posted to a public
A certain minority would take exception to this, including myself. It
is less of a problem for me with the automatic upload of just a single
email address per key and no name/identity information.
> How exactly does one harvest email addresses from the
> keyservers? Can I ask keyservers to give me all keys it
> has in storage? Or do I need to search for keys
> matching a certain substring? I honestly don't know.
> Anyway, if this really becomes a problem than key
> lookup probably needs to be made as inconvenient as
> trying to send email probes to randomly generated
> email addresses.
Isn't key lookup already more inconvenient than randomly generating
email addresses? Or have I missed something?
> For my scheme to work the keyservers would only need to
> return keys where the email address part of a uid
> exactly matches the recipient's email address.
The email address could be hashed in the key UID that's automatically
> Moreover, for my scheme to work no key certification is
> necessary, i.e. crawling from one key to the next via
> certification signatures wouldn't be possible.
Some people have specific use cases where key certification is needed.
But most email communication doesn't have a way of being sure who
controls the address.
> The scheme has more issues: For example, there's no
> message integrity protection (via signing) whatsoever.
There's no reason not to have it.
MFPA mailto:2014-667rhzu3dc-lists-groups at riseup.net
Live your life as though every day it was your last.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users