Open full view…

Secure Email

Thu, 14 Nov 2013 22:15:01 GMT

Thu, 14 Nov 2013 22:15:01 GMT

While I haven't thought through all the details, it sounds like a great solution. More importantly, the fact that it doesn't suggest completely replacing the email protocols, makes it possible (_nb._ I doubt that any solution suggesting changing the protocols will happen in our lifetime).

Fri, 15 Nov 2013 01:57:52 GMT

Are you trying to solve the security problem or the storage problem? Much of the "hard" part of the security problem is handwaved away by "using that recipient's public key". PGP can already do that, and has proven unworkable. (partly UI and partly where you get and keep those keys!) The hard part of the storage problem is left unaddressed: searchable storage accessible from many devices.

Jeff Darcy
Fri, 15 Nov 2013 03:31:04 GMT

The problem with PGP is not that it's unworkable, but that to work with the legacy delivery infrastructure it has to leave the envelope out in the open. NSA and Snowden have done a pretty good job proving why that's a crappy idea. What I'm trying to do here is come up with a way to keep the envelope private as well, while maintaining the convenience of a standard email client without a whole lot of extra steps. You're right that there's a key-distribution problem. I don't solve that. Nor do I make it Aworse. By not embedding that aspect into the storage and distribution system, it remains possible to take advantage of alternatives and advances without having to change this system in fundamental ways. As for the hard part of the storage problem being unaddressed: see the rest of this blog and my other. As you well know, I've spent quite some years working on significant parts of it. Storing, finding and replicating files or objects across many nodes in a distributed system is hardly unexplored territory. Even the aspect of foiling traffic analysis in the process has its precedents - Tor, Freenet, GNUnet, and so on. Putting together all of the pieces would still be a lot of work, but first there needs to be a way for the pieces to fit together.