On Wed, 14 Feb 1996, Jon Lasser wrote:

For those people who have Netscape / an SSL-enabled web-browser, wouldn't it be useful to have secure web pages that did the following: ... (3) Ultimately, a server that did (2), through (1). Being able to send PGP encrypted email to a recipient through anonymous remailers, over the web with a secure browser might be PGP's "killer app" in one way or another.

How hard would this be to implement? Would it be worth waiting until the PGP 3.0 API is released?

At first I wondered why you'd want to send encrypted mail you couldn't sign with your own key, but on second thought, I can think of a lot of reasons. I'd think that much of the hard and unique work would be, first, proper interface design, and second, putting together an efficient database and database extraction mechanism for huge key rings (I notice that the MIT keyserver was recently upgraded; talk to them). While the PGP 3.0 API would help with the implementation, I see no reason to wait on these infrastructure steps. The final version would use the more secure and efficient API, but quick modular hacks for steps that would be fulfilled by the API should be all that is needed. If you put together a proof-of-concept model, even one that doesn't really work, I think you'd see this idea take off. I see no reason to wait, and while I'm certainly no CODERpunk, I'd be more than happy to play with user interface mockups in my copious free time... -rich Institute for Ernst Zundel Revisionism http://36.190.0.210/~llurch/Not_By_Me_Not_My_Views/