Dark Mail Alliance for end-to-end private and secure email

coderman coderman@gmail.com
Thu Oct 31 01:50:22 PDT 2013


darkmail.info: "end-to-end encrypted protocol and architecture ...
[for] private and secure email", presumably a white paper is
forthcoming. initial release anticipated in 2014.

... which returns on port 443: "Error 102 (net::ERR_CONNECTION_REFUSED)"

(~_~;)


---


requirements for end-to-end secure email:

- content of messages always protected; ensure authenticity and
privacy of content. (plain-text content is not an option)

- keys generated and kept on device / user end-point. (no server side
generation or storage of private keys on behalf of users; support
hardware secured private key and wrapped storage on devices with HSMs)

- mail header scrubbing is performed at delivery, in transit, and on
receipt to limit metadata exposure.

- server-to-server communication enforces STARTTLS with PFC capable
cipher suites.

- client-to-server communication enforces TLS with PFC capable cipher suites.

- service resistant to kleptography and covert channels. (use open and
robust protocols, use robust key lengths, use fail-safe rather than
fail-vulnerable configurations, ...)

- for extra credit, solve the subject line as part of public header
metadata problem. (solving the metadata problem for email is super
extra credit ;)

- what else?


is it possible to build such a system without compromising privacy or usability?
  i remain skeptical...
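
An added example, not part of the original post: one way to implement the header-scrubbing requirement as a fail-safe allowlist rather than a fail-vulnerable denylist. The header lists, the function names and the sample message (including the X-Device-Id header) are assumptions constructed for illustration.

```python
from email import message_from_string
from email.message import Message

# Assumed allowlist: the minimum a recipient's client needs to route and render mail.
# Subject stays visible here; that is the "extra credit" problem the post leaves open.
ALLOWED = ("From", "To", "Date", "Subject", "Message-ID", "MIME-Version",
           "Content-Type", "Content-Transfer-Encoding")
# Assumed denylist, shown only for contrast with the allowlist.
DENIED = ("Received", "X-Originating-IP", "User-Agent", "X-Mailer")

def scrub_allowlist(raw: str) -> Message:
    """Fail-safe: any header not explicitly allowed is removed."""
    msg = message_from_string(raw)
    allowed = {h.lower() for h in ALLOWED}
    for name in set(msg.keys()):
        if name.lower() not in allowed:
            del msg[name]  # deletes every occurrence of that header
    return msg

def scrub_denylist(raw: str) -> Message:
    """Fail-vulnerable: any header nobody anticipated passes through."""
    msg = message_from_string(raw)
    for name in DENIED:
        del msg[name]  # no error if the header is absent
    return msg

# Constructed sample message; addresses use reserved documentation ranges and domains.
SAMPLE = "\n".join([
    "Received: from laptop.example.net (203.0.113.7) by mx.example.org; Thu, 31 Oct 2013 01:50:20 -0700",
    "Received: from mx.example.org by mx.example.com; Thu, 31 Oct 2013 01:50:21 -0700",
    "X-Originating-IP: 203.0.113.7",
    "User-Agent: ExampleMail/1.0 (constructed)",
    "X-Device-Id: constructed-device-identifier",
    "From: alice@example.org",
    "To: bob@example.com",
    "Date: Thu, 31 Oct 2013 01:50:22 -0700",
    "Subject: test",
    "Message-ID: <constructed-1@example.org>",
    "MIME-Version: 1.0",
    "Content-Type: text/plain; charset=us-ascii",
    "",
    "(constructed placeholder for an encrypted body)",
])

if __name__ == "__main__":
    print("allowlist keeps:", scrub_allowlist(SAMPLE).keys())
    print("denylist keeps: ", scrub_denylist(SAMPLE).keys())
```
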


