Don Eastlake has written an internet-draft proposing to add signatures and encryption to the Internet mail-delivery system. The two big differences between his proposal and past proposals are: * They work at the "sendmail" level, not at the "mail reader" level. This doesn't give your mail complete end-to-end protection (unless you use "mail reader" encryption like S/MIME or PGP). But it's a lot easier to install and maintain; your sysadmin can do it for your whole site, instead of having to retrain every user. * They use the Domain Name System to keep the keys. Since DNS is going to distribute keys for its own authentication, these can also be used to provide authenticated public keys for remote host machines, so that email destined for those machines can be encrypted. With existing systems, getting and validating keys is a big problem. I encourage cypherpunks to read his draft and to participate in the discussion and/or implementation that results. The general MUSE web page is at http://www.imc.org/ietf-muse/. You can find the hypermail'd mailing list archives there, as well as the Internet-Draft (draft-eastlake-muse-00.txt). I hope that soon the Web page will tell you how to join or exit the mailing list, too! One initial technical question I have about MUSE is why to bother encapsulating email messages while in transit in more layers of MIME glop? Why not just run IP Security between the sendmail daemons involved, and have the receiving sendmail daemon note in the Received header that the message arrived over an authenticated connection? IPSEC provides your choice of authentication and/or encryption, and already uses the keys from the Domain Name System. IPSEC solves many other problems as well as the particular secure/private email delivery problem. And deploying a Real Application (sendmail) that uses IPSEC would shake it out and get it widely used. John Gilmore