One alternative to SMTP for email: Confidant Mail

[Ben McGinnes]

On 24/03/2015 2:27 pm, Mike Ingle wrote:
> There has been some discussion on gnupg-users about replacing SMTP for
> secure email, and how BitMessage does not scale.
> 
> There is an open source non-SMTP email system called Confidant Mail,
> which is based on GnuPG and hash table storage. The protocol conceals
> metadata (headers like From and Subject are inside the envelope) and
> uses TLS. The client has built-in support for Tor and I2P anonymity. The
> system supports unlimited length attachments (over 4GB) using a
> torrent-like blocking protocol. Messages are GPG encrypted and signed,
> and all messages are acknowledged. Key distribution is built into the
> protocol.
> It's designed to scale using either DNS or a Kademlia DHT to look up
> keys. Servers are paired for high availability. The client can
> automatically configure itself from the server.

A very interesting project and nicely timed too since the protection
of header data will very neatly address a major concern which is now
relevant in Australia with the passing of mandatory data retention
legislation.  Yeah, now officially a police state, within 18 months
everyone will be under constant surveillance.

The custom and single client, as MFPA pointed out, might be
contentious for some users, but there are reasons and clear benefits
too.  I think the major features I'd request would be:

* The ability to load a new message or reply in the editor of your
  choice from the client when drafting, which ought to cut down on a
  lot of the UI debate.

* A client API so that people can extend it further the way they want,
  effectively creating multiple clients from the required base.

After that, the rest will attend to itself.


Regards,
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150404/74e3e6a1/attachment.sig>