Sixpack Encryption Email client

Mon Nov 26 17:12:38 PST 2001

On 21 Nov 2001, at 21:00, Sandy Sandfort wrote:

> David wrote:
> 
> > Declan's comment on operating a physical
> > remailer for suitably valuable cargo,
> > plus some of Tim's recent comments about
> > integration, made me think of the
> > question in the subject line. So far
> >I see at least three possible answers.
> >
> > 1) Make lots of money.
> >
> > 2) Spread awareness (that "funny feeling in the stomach" recently
> > discussed) and save our fellow man. Make the world safe for privacy.
> >
> > 3) Ensure that cryptography and privacy-enhancing technologies have uses
> > besides "Four Horsemen of the Infocalypse," so that they aren't banned.
> >
> > anything else?
> 
> Yes, a corollary to 2) is that by saving our fellow man, we are saving
> ourselves as well.  The elitist idea that it doesn't make any difference
> what happens to the little people is wrong-headed.  Because the world is set
> up to make cars affordable for the little people, you and I can have
> personal automotive transportation at a fraction of the cost if we were to
> try and assemble them up in Galt's Gulch.  If crypto gets wide-spread use by
> the little people, our use will be lost in the noise.
> 
> 
>  S a n d y
> 
> 

I gave a little bit of thought about what an encrypted email client 
should look like for joe sixpack to use.  Here's how the DEFAULT
behavior would work:

When you install the   software, it generates a public-private key
pair. It saves your private key right there on your hard disk
unencrypted, no tricky passphrase to remember.  It then uploads
your private key to some central server.

The software maintains a list of public keys, if you want to send
mail to someone for whom  you don't have a public key, it'll
check the server for one. If you have a key for someone, it'll
automatically encrypt. If you receive encrypted mail, it'll 
automatically decrypt (and save the decrypted mail on your hard 
drive). It'll have a little icon on a mail message indicating if
it was encrypted, and there'll be an icon next to each name
in the address book indicating if you have a key for that
address, but for the most part it'll encrypt opportunistically
and the user won't need to know or care  if a message is
encrypted or not.

I'm sure I don't need to go into detail explaining what's wrong with 
this, but it should be obvious that every convenience violates
an important security rule.  And it pretty much has to be that way.
You either have to remember a passphrase and key it in, or
any fool who gets access to your computer can easily read your
private key, and so on.

Personally, I think it'd be better if the sixpackers used this kind
of encryption than no encryption at all, if I thought that people
wuld use this kind of email client I would write it, it shouldn't
be too hard since I could probably steal most of the code.

George 