How to improve our GUIs (was: We have GOT TO make things simpler)

Ryan McGinnis ryan at
Wed Oct 30 14:47:49 CET 2019

I might be missing something really obvious here but... what is this
trying to protect against?  It's not protecting against interception in
transit, since the message already transits the internet either in
cleartext or encrypted via TLS that your email service provider can
definitely read.  So if your goal is to protect the privacy of your
email in transit, then this doesn't seem to do anything; if your goal is
to protect the privacy of your email from your service provider snooping
it, then this doesn't seem to do anything.  Your service provider can
certainly (and probably does certainly) retain archive or backup copies
of all emails that enter into and exit your account, so encrypting them
after reception only means that the copy you are accessing is encrypted
and non-accessible to the provider, but the copy that they archived or
backed up is just as plaintext as always (or is, more likely, encrypted
with a key that only they know). 

The only time encrypting your email storage with a key only you have
makes sense is if your provider pinkie promises to not store or archive
anything on their servers other than what you see live in your email
inbox.  Or, for example, if it's something like Protonmail does, which
is never store anything on their servers that isn't encrypted with the
user's private key that they don't have, so even their backups are
something they can't access the plaintext from.  And even then you are
relying on their pinke-promise that they are doing this, it is not E2E
unless you are sending messages to and from Protonmail users or you are
PGP encrypting messages before they leave or arrive at the service.  
And E2E is really the only solution that keeps your email provably
private from all parties concerned other than the recipients. 

On 10/29/2019 7:33 PM, raf via Gnupg-users wrote:
> Hi,
> Sorry if this was mentioned before but I've just come
> across a novel approach to email encryption that
> doesn't do end-to-end encryption, but rather it
> encrypts email upon receipt so that an individual can
> encrypt the email that is stored in their IMAP account
> as it arrives without the need for every sender to
> encrypt and without the need for any service provider's
> involvement (you just need an IMAP account), and it
> supports reading email from multiple devices, each with
> their own local private key. Most importantly, it
> doesn't require the user to know anything about
> encryption except that they want some.
> It might not address all threats but it certainly seems
> to solve some very real threats, mainly the threat of
> someone hacking into your IMAP account and accessing
> every email you ever received.
>   Making It Easier to Encrypt Your Emails
>   Authors: John S. Koh, Steven M. Bellovin, and Jason Nieh
> [paywall, usenix]
>   Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management
>   EuroSys '19 Proceedings of the Fourteenth EuroSys Conference 2019
>   Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> [paywall, acm]
> [free]
>   Easy Email Encryption with Easy Key Management
>   Authors: John S. Koh, Steven M. Bellovin, Jason Nieh
> [free]
>   Automatically and invisibly encrypt email as soon as it is received on any trusted device
> [free]
> I know this doesn't help with the discussion of
> improving GUIs to make it easier to encrypt emails that
> you want to send, but it looks like a promising
> improvement in privacy that could help many more people
> than just those that want to encrypt emails that they
> send. And it's still relevant. I expect that those that
> want to encrypt any emails that they send might also
> like all the emails that they receive to be encrypted
> as well.
> cheers,
> raf
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at

-Ryan McGinnis
Sent via ProtonMail

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 839 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Gnupg-users mailing list