On 3/3/2015 2:16 AM, stef wrote:
> two things:
> 1/ stop beating the dead horse (email)

That's a silly thing to say on a mailing list, lol. Obviously the medium is still useful. SMTP, however, is an old and lame horse that ought to be turned into glue. The best way to do that IMHO is make a new protocol, use them in parallel, and wait until the old one becomes a big enough nuisance to go away. That is what I am trying to do here.

> 2/ there is (or at least should be) a huge difference for cryptograms encrypted in transit between peers, and data resting and being queried by only one person.

Yes, data at rest is encrypted with things like DiskCryptor and cryptoloop. Data going over a wire is encrypted with TLS. A message addressed to a particular person (to whom you do not have a live connection) is best encrypted with something like GPG. You need all three for a secure messaging system.

> 3/ protocols like pond which address adversarial progress over the years should be preferred over outdated and broken protocols. but i guess i'm repeating 1/ already.

Which adversarial progress are you referring to? GPG has proven itself robust over the years, and Confidant Mail does not use SMTP. If you mean forward secrecy, I'm working on that. In the meantime I'd still rather trust GPG than some unknown protocol. If my private key gets stolen that's my own fault for being careless.