On Mon, Nov 26, 2001 at 05:12:38PM -0800, georgemw@speakeasy.net wrote:
I gave a little bit of thought about what an encrypted email client should look like for joe sixpack to use. Here's how the DEFAULT behavior would work:
When you install the software, it generates a public-private key pair. It saves your private key right there on your hard disk unencrypted, no tricky passphrase to remember. It then uploads your private key to some central server.
You meant uploads your public key to some central server.
The software maintains a list of public keys; if you want to send mail to someone for whom you don't have a public key, it'll check the server for one. If you have a key for someone, it'll automatically encrypt. If you receive encrypted mail, it'll automatically decrypt (and save the decrypted mail on your hard drive). It'll have a little icon on a mail message indicating if it was encrypted, and there'll be an icon next to each name in the address book indicating if you have a key for that address, but for the most part it'll encrypt opportunistically and the user won't need to know or care if a message is encrypted or not.
I think that the Joe Sixpacks who would care enough to install "secure" email would like to have some sort of feedback that it's working, i.e. they need to unlock the private key with a password. Of course they'll choose a lame one, but that's beside the point. There's two sub-species of Sixpack-- the one I describe, and those who don't know and don't care about secure email, which is who you're talking about. It's the "early adopter" Sixpacks I'm thinking of. Once you get enough of them, then someone will declare it an industry standard and all the Sixpacks will get it, whether they know it or not. I wrote something like what you're describing long ago, for a large workstation maker. Only this was a hack on sendmail to automagically encrypt/decrypt mail between offices in foreign countries whose security services were known to snoop on technology companies.
Personally, I think it'd be better if the sixpackers used this kind of encryption than no encryption at all. If I thought that people would use this kind of email client I would write it; it shouldn't be too hard since I could probably steal most of the code.
How about an add-on to MSIE or Netscape? Either one has a pile of crypto junk to call on. Making it work with S/MIME might be an easy way to do it.

Eric