Dark Mail Alliance for end-to-end private and secure email
coderman
coderman@gmail.com
Thu Oct 31 01:50:22 PDT 2013
darkmail.info: "end-to-end encrypted protocol and architecture ...
[for] private and secure email", presumably a white paper is
forthcoming. initial release anticipated in 2014.
... which returns on port 443: "Error 102 (net::ERR_CONNECTION_REFUSED)"
(~_~;)
---
requirements for end-to-end secure email:
- content of messages always protected; ensure authenticity and
privacy of content. (plain-text content is not an option)
- keys generated and kept on device / user end-point. (no server side
generation or storage of private keys on behalf of users; support
hardware secured private key and wrapped storage on devices with HSMs)
- mail header scrubbing is performed at delivery, in transit, and on
receipt to limit metadata exposure.
- server-to-server communication enforces STARTTLS with PFC capable
cipher suites.
- client-to-server communication enforces TLS with PFC capable cipher suites.
- service resistant to kleptography and covert channels. (use open and
robust protocols, use robust key lengths, use fail-safe rather than
fail-vulnerable configurations, ...)
- for extra credit, solve the subject line as part of public header
metadata problem. (solving the metadata problem for email is super
extra credit ;)
- what else?
is it possible to build such a system without compromising privacy or usability?
i remain skeptical...
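The header-scrubbing requirement in the list above, sketched as an added example that is not part of the original post: an allowlist scrubber, so an unrecognised header is dropped rather than leaked. The `KEEP` set, the `scrub` name and the sample message are assumptions constructed for illustration; note that Subject, From and To remain visible afterwards, which is the "extra credit" problem the post raises.

```python
from datetime import timezone
from email import message_from_string, policy
from email.utils import format_datetime

# Assumption: the minimal header set a recipient's client needs.
# Message-ID is kept for threading although it can name the sending host.
KEEP = {"from", "to", "cc", "subject", "date", "message-id", "in-reply-to",
        "references", "mime-version", "content-type",
        "content-transfer-encoding"}

# Constructed sample message (documentation addresses, placeholder body).
SAMPLE = """\
Received: from laptop.example.org ([192.0.2.44]) by mx.example.org; Thu, 31 Oct 2013 01:50:25 -0700
Received: by relay.example.net; Thu, 31 Oct 2013 01:50:24 -0700
X-Originating-IP: [192.0.2.44]
User-Agent: ExampleMail/1.0 (constructed)
From: alice@example.org
To: bob@example.net
Subject: meeting notes
Date: Thu, 31 Oct 2013 01:50:22 -0700
Message-ID: <1234@laptop.example.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"

-----BEGIN PGP MESSAGE-----
(constructed placeholder ciphertext)
-----END PGP MESSAGE-----
"""

def scrub(raw):
    """Return (scrubbed message, names of the headers that were removed)."""
    msg = message_from_string(raw, policy=policy.default)
    removed = []
    for name in dict.fromkeys(msg.keys()):  # de-duplicate repeated headers
        if name.lower() not in KEEP:
            del msg[name]                   # deletes every occurrence
            removed.append(name)
    # Rewrite Date in UTC so the sender's timezone offset is not exposed.
    try:
        sent = msg["Date"].datetime if msg["Date"] is not None else None
    except (ValueError, TypeError):         # unparseable date on older Pythons
        sent = None
    if sent is not None and sent.tzinfo is not None:
        msg.replace_header("Date", format_datetime(sent.astimezone(timezone.utc)))
    elif "Date" in msg:                     # fail safe: drop what we cannot parse
        del msg["Date"]
        removed.append("Date")
    return msg, removed

if __name__ == "__main__":
    clean, dropped = scrub(SAMPLE)
    print("removed:", dropped)
    print(clean.as_string())
```

Running the same function at submission, at each relay and on receipt matches the three points the post names; headers added by a later hop are removed by the next pass.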