Probably people just need two email clients: One for non-secure email, another that only sends secure messages. They can both use imap for the same account. Bonus: spam might potentially have a hard time getting accepted as a secure sender, leaving secure email spam free. Alternately, do it on viewing / editing via plugins that are less invasive and more secure.

There are several problems:

- Choosing an ID system: email address + key ID of some kind.
- Key exchange / trust system: Hierarchical (do you trust some or all CAs? Their signup policies?), web of trust (GPG or similar), personal signing, etc.
- Visibility and understanding: Current systems are annoying even for experts. No hope of a normal user looking at or understanding ID/cert/key trust situation. Make it specific and simple: CA is safe but could be coopted by TLA or mistakes, signup was weak (could have been a stolen credit card), password could have been stolen, mitm exposure, etc. Just draw the trust / exploit tree. Factor in multi-factor, alternate channel checking, etc.
- Ease of selecting, enabling, and using read/write interfaces.
- Solve the problems of control, time available, ability to save for later safely.

Stephen

On 4/20/14, 10:55 PM, Scott Blaydes wrote:

> On Apr 20, 2014, at 7:05 PM, coderman [1] wrote:
>
> > we have the maths! we have the technology! ... yet actual robust, private communications remain elusive.
> >
> > where the "Great Filter" thwarting our privacy codes?
> >
> > is it usability; anything more than invisibly automatic a failure?
>
> Yes. People keep claiming that it is just too hard to encrypt email. There are plugins for all platforms. If you can’t send encrypted email, sending email in the first place is probably too difficult, just txt everyone on your fone. The smartfone has made for such stupid people that if it can’t be done in just a few keystrokes (content included) then it is too hard or tl;dr.
>
> Remember the old days when there wasn’t PPP and SLIP connections? Before broadband.
> When a conversation on IRC was enjoyable, the right amounts of humor and actual thought? And you knew not to ask for help in #unix on efnet.
>
> > is it cost; anything more than zero too much to bear in the market?
>
> No, everyone can afford a smartfone nowadays.
>
> > is it correctness; anything less than a single mode always secure, broken?
>
> Life is full of levels of grey, and so is security. That password you use on new sites you don’t trust vs your gpg/pgp passphrase. The sheeple don’t have levels of grey with regards to security, either take it to their grave or everyone can see.
>
> Chatting with someone who was looking to start his own desktop Linux distro. I suggested an encrypted messaging platform over the security-hole-riddled platform he was using and he told me he had nothing to hide. I told him he wasn’t the kind of person who should be developing anything security related. Security takes effort that people are not willing to expend.
>
> > perhaps all of these above, each a requisite element of robustness, further compounding the difficulty of realizing an ideal.

--
Stephen D. Williams [2]sdw@lig.net [3]stephendwilliams@gmail.com LinkedIn: [4]http://sdw.st/in
V:650-450-UNIX (8649) V:866.SDW.UNIX V:703.371.9362 F:703.995.0407
[5]AIM:sdw [6]Skype:StephenDWilliams [7]Yahoo:sdwlignet Resume: [8]http://sdw.st/gres
Personal: [9]http://sdw.st facebook.com/sdwlig twitter.com/scienteer

References

1. mailto:coderman@gmail.com
2. mailto:sdw@lig.net
3. mailto:stephendwilliams@gmail.com
4. http://sdw.st/in
5. AIM:sdw
6. Skype:StephenDWilliams
7. Yahoo:sdwlignet
8. http://sdw.st/gres
9. http://sdw.st/