Check your preferences are set. Somehow I bet there will be a move to this rather soon.

Yet note, Dec, a provider simply logging the session keys is still possible. Though much costlier for evil pursue that cheap route if there are lots of small mail providers out there for people to use... who says you have to use the big three, or cannot run a mail service?

Or a distributed social / call / sharing platform, etc? Next topic, DHT p2p tech... we are 'always on' right?

http://news.cnet.com/8301-13578_3-57595202-38/feds-put-heat-on-web-firms-for...
http://news.cnet.com/8301-13578_3-57591179-38/data-meet-spies-the-unfinished...
http://googleonlinesecurity.blogspot.com/2011/11/protecting-data-for-long-te...
http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html
http://nmav.gnutls.org/2011/12/price-to-pay-for-perfect-forward.html
On 07/25/2013 12:55 AM, grarpamp wrote:
> Check your preferences are set. Somehow I bet there will be a move to this rather soon.
I have my doubts. Newer SSL libraries have PFS support but whether or not admins or hosting providers will upgrade to them (or enable PFS ciphersuites) in a reasonable period of time remains to be seen. For example, Dreamhost has no immediate plans to upgrade their server infrastructure to include releases of OpenSSL that support PFS. I've lately started to explore SSL configurations around the Net with this addon for Firefox: https://calomel.org/firefox_ssl_validation.html
> Yet note, Dec, a provider simply logging the session keys is still possible.
On the server side, or in their production networks?
> Though much costlier for evil pursue that cheap route if there are lots of small mail providers out there for people to use... who says you have to use the big three, or cannot run a mail service?
There is nothing that says that you have to use the big three, but running a personal mail service is problematic today for several reasons. Firstly, the CPU power required to perform decent spam filtering is significant. Not all providers can provide that kind of horsepower without charging you through the sinuses. From a purely cost-based perspective, it makes more sense to buy the services of a provider who factors that in. Second, if your server is on a net in CONUS, it can be blackbagged. Evidence suggests that this is already a known and used tactic. Third, antispam blacklists are notorious for deciding that an IP is hostile and blacklisting it for such criteria as the phase of the moon or whether or not the winning score of the local sports team was prime or composite last week (this is why I stopped running my own, incidentally - fewer and fewer people were receiving mail from me).
> Or a distributed social / call / sharing platform, etc? Next topic, DHT p2p tech... we are 'always on' right?
There are a few such solutions in existence right now. A few of us have been testing Retroshare (http://retroshare.sf.net/), which uses the BitTorrent DHT to find peers (among other methods), and its realtime chat, message boards, and VoIP capabilities are pretty good, though we've also been discovering lots of bugs scattered across a number of platforms during the course of testing. We've also run into problems with firewalls that are supposed to support UPnP not actually doing so. I've been playing around with GnuNET for a couple of days, but the documentation is, to be honest, kind of pants. I've yet to make any real headway with it because the docs don't seem to line up with the codebase anymore.

--
The Doctor [412/724/301/703] [ZS]
PGP: 0xF1F922F2 / CABE 73FB 2D68 D1EF 3956 A468 7B1F DFE8 F1F9 22F2
WWW: https://drwho.virtadpt.net/
The future belongs to the brave.
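The Doctor's point about auditing SSL configurations can be turned into a local check. The following Python is an added example, not code from the thread or from the Calomel addon: it classifies cipher suites by whether their key exchange is ephemeral (OpenSSL suite naming assumed) and builds a client context that refuses to negotiate any static-key-exchange TLS 1.2 suite. The cipher string used is a reasonable choice, not something the thread prescribes.

```python
import ssl

# OpenSSL suite names: "ECDHE-", "DHE-" and the older "EDH-" suites use an
# ephemeral Diffie-Hellman exchange (forward secrecy). Plain "AES…" (RSA key
# transport) and "ECDH-" (static ECDH) suites do not, and neither do the
# anonymous "ADH-"/"AECDH-" suites, which are ephemeral but unauthenticated.
# Every TLS 1.3 suite ("TLS_…") uses ephemeral (EC)DHE.
PFS_PREFIXES = ("ECDHE-", "DHE-", "EDH-", "TLS_")


def has_forward_secrecy(cipher_name: str) -> bool:
    """Classify a suite by its key exchange, using the OpenSSL name only."""
    return cipher_name.startswith(PFS_PREFIXES)


def split_by_forward_secrecy(names):
    """Return (forward_secret, static) suites, preserving the offered order."""
    names = list(names)
    pfs = [n for n in names if has_forward_secrecy(n)]
    static = [n for n in names if not has_forward_secrecy(n)]
    return pfs, static


def audit_context(ctx: ssl.SSLContext):
    """Report which suites a context would actually offer or accept."""
    return split_by_forward_secrecy(c["name"] for c in ctx.get_ciphers())


def pfs_only_client_context() -> ssl.SSLContext:
    """Client context that will not negotiate a non-ephemeral TLS 1.2 suite."""
    ctx = ssl.create_default_context()
    # OpenSSL cipher-string syntax: keep ECDHE/DHE AEAD suites, drop anonymous
    # and null suites. TLS 1.3 suites are configured separately and all have
    # forward secrecy, so they are unaffected by this string.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL:!MD5")
    return ctx


if __name__ == "__main__":
    pfs, static = audit_context(ssl.create_default_context())
    print(f"default client context: {len(pfs)} forward-secret, "
          f"{len(static)} static-exchange suites")
    for name in static:
        print("  still offered without forward secrecy:", name)
    pfs, static = audit_context(pfs_only_client_context())
    print(f"restricted context: {len(pfs)} forward-secret, {len(static)} static")
```

Run it against the default context on a given host to see what the local OpenSSL build still offers; the restricted context is what to hand to `ssl.SSLContext.wrap_socket` or an HTTP client when only forward-secret sessions are acceptable.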
At 07:24 AM 7/25/2013, Bryce Lynch wrote:
> > Yet note, Dec, a provider simply logging the session keys is still possible.
> On the server side, or in their production networks?
A web server (or SSL box in front of a web server) could theoretically log session keys, even with "Perfect" Forward Secrecy. After all, both ends of the Diffie-Hellman exchange do get the actual shared session key (which is the point of the exchange :-), and it would be possible to save it in addition to using it. From a security perspective, it'd be a really bad idea to do so, and AFAICT there's no useful business purpose for doing so, and you're not going to be able to pay Peter Gutmann enough to modify OpenSSL to do that, but one of the fun things about security of open source software is that some miscreant could easily do it themselves, using the modules that are already available, and position it as a "feature" that lets you support efficient load-balancing across multiple web servers in a single session, with an "auditing" or "debugging" feature to let you be sure the load-balancing is implemented successfully in your cloud. (And oops, the UI feature that turns off debugging didn't get implemented in this sprint.)
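To make Bill's point concrete, here is an added Python sketch (not from the thread and not how OpenSSL is implemented) of why forward secrecy depends on the session key being thrown away: the key is derived only from the two ephemeral shares, so a long-term server key obtained later verifies the handshake but cannot recompute the key, whereas a retained key log hands the plaintext over directly. The DH group, the HMAC standing in for a certificate signature and the XOR cipher are toy constructs for illustration only.

```python
import hashlib
import hmac
import secrets

# Toy DH group (constructed for illustration only): p = 2**127 - 1 is prime,
# g = 2. Real TLS uses RFC 7919 groups or elliptic curves.
P = 2**127 - 1
G = 2


def ephemeral_keypair():
    """Fresh per-session secret; meant to be erased when the session ends."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def session_key(own_priv, peer_pub):
    """Both ends compute the same value; the long-term key plays no part."""
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def xor_stream(key, data):
    """Toy symmetric cipher (illustration only; messages up to 32 bytes)."""
    keystream = hashlib.sha256(key + b"record").digest()
    return bytes(d ^ k for d, k in zip(data, keystream))


def run_session(server_longterm_key, plaintext, server_logs_session_key):
    """Return (what a passive recorder captured, what the server kept)."""
    c_priv, c_pub = ephemeral_keypair()  # client's ephemeral share
    s_priv, s_pub = ephemeral_keypair()  # server's ephemeral share
    # Server authenticates its share with its long-term key (toy MAC standing
    # in for the certificate signature of a real handshake).
    sig = hmac.new(server_longterm_key, s_pub.to_bytes(16, "big"), "sha256").digest()
    key = session_key(c_priv, s_pub)
    assert key == session_key(s_priv, c_pub)  # both ends hold the same key
    recording = {"c_pub": c_pub, "s_pub": s_pub, "sig": sig,
                 "ciphertext": xor_stream(key, plaintext)}
    # Ephemeral secrets go out of scope here. The caveat in the thread is a
    # server that keeps 'key' anyway, e.g. in a "debugging" key log.
    key_log = key if server_logs_session_key else None
    return recording, key_log


def later_compromise(recording, server_longterm_key, key_log):
    """Adversary holds the recording plus the server's long-term key: that key
    confirms who signed s_pub but cannot rebuild the session key, so plaintext
    is recoverable only if the server retained the key."""
    expected = hmac.new(server_longterm_key, recording["s_pub"].to_bytes(16, "big"),
                        "sha256").digest()
    authentic = hmac.compare_digest(expected, recording["sig"])
    if key_log is None:
        return authentic, None
    return authentic, xor_stream(key_log, recording["ciphertext"])
```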
participants (3)
- Bill Stewart
- Bryce Lynch
- grarpamp