At 11:36 PM 2/24/2008, Len Sassaman wrote:
I think most of us use OTR now for communication we really care about being private.
When I've looked at OTR, it's basically an instant messaging client; has anybody adapted it to carry email or other applications?
What you're seeing is more likely the impending death of email.
I'd describe it much more as "the death of PGP support for email". When my laptop got stolen a couple of years ago, I did the right thing and genned up new keys, and installed current versions of PGP (the free-beer version of the commercial product) (and its Eudora plugin.) A few months later the PGP expired, and since I hadn't been sending encrypted email to anybody in a while, I'd forgotten the new long-enough-for-21st-century passphrase (:-), so I haven't been able to revoke the keys sitting out on the keyserver. Periodically Hugh bitches at me about not sending/accepting encrypted email, and I suppose I should just install GPG, using cut&paste instead of the friendly email plugin, since not only is PGP no longer supporting non-corporate users much, but Qualcomm has stopped supporting Eudora. Meanwhile, at work, MS Outlook has a reasonably friendly interface for sending encrypted and/or signed email, at least to coworkers, and I can't use it because our internal certificate authority can't generate a certificate for "billstewart@att.com", though it's happy to generate one for "ws5832@att.com", an internal address I have no intention of sending to any humans.
And the cypherpunks? That community has been dead for years. Y'all just didn't get the memo. ;)
On the other hand, the P2P-punks community is burning something like 30-50% of the bandwidth on the internet. And that IPSEC technology that was a cutting-edge civil rights issue in the 90s has become a routine commodity; it's how I've commuted to work for a decade or so.