My software goes through Tor hidden services (or exit node if necessary)
and sets up a TLS session inside that.
The From address of the mail only exists inside the encrypted envelope,
which only the recipient can open.
If someone had a global view of the Tor nodes, they might be able to
track a particular message via timing, but going through Tor prevents
mass surveillance by a passive observer.
Mike
On 4/10/2015 12:28 PM, Cathal (Phone) wrote:
Metadata includes who speaks to who, which can only be hidden by
obfuscation in a mixnet, public-message-boards that recipients pull
randomly or fully from, or similar ways of removing means of
connecting endpoints.
On 10 April 2015 20:08:04 GMT+01:00, Mike Ingle
<mike@confidantmail.org> wrote:
How does one go about getting on this list? I think Confidant Mail
qualifies. It uses GPG end to end, and encrypts the metadata in transit.
On 4/10/2015 6:44 AM, hellekin wrote:
On 04/10/2015 03:59 AM, Seth wrote:
https://github.com/sweis/crypto-might-not-suck/blob/master/README.md
*** When EFF launched the Secure Messaging Scoreboard, lynX
and I were a bit pissed that they even mentioned proprietary
solutions, so we made an alternate list:
http://libreplanet.org/wiki/GNU/consensus/Secure_Messaging_Scoreboard
== hk
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.