How email encryption should work

Lars Eilebrecht lars at evildoer.de
Tue Mar 29 01:54:22 PST 2005


According to James:

> I would appreciate some analysis of this proposal, which 
> I think summarizes a great deal of discussion that I 
> have read.
> 
> Here is how email encryption should work:
[...]
>     * In the default case, the mail client, if there are 
>     no keys present, logs in to a keyserver using a 
>     protocol analogous to SPEKE, using by default the 
>     same password as is used to download mail. That 
>     server then sends the key for that password and 
>     email address, and emails a certificate asserting 
>     that holder of that key can be reached at that email 
>     address. 

Are you saying that the keyserver creates the
public-private key pair for the user?
That doesn't sound like a good idea.

>     Each email address, not each user, has a 
>     unique key, which changes only when and if the user 
>     changes the password or email address.

How do you prevent a user from creating a key/certificate
for an email address the user doesn't own?


>     * The email client learns the correspondent's public 
>     key by receiving signed email. 

Unless you use certificates issued by a trusted third party,
that's not secure.



ciao...
-- 
Lars Eilebrecht
lars at evildoer.de




