[cryptography] The next gen P2P secure email solution

rysiek rysiek at hackerspace.pl
Thu May 15 20:16:35 PDT 2014

Dnia czwartek, 15 maja 2014 20:26:27 grarpamp pisze:
> >> pesky to/from/subject/etc headers.
> > 
> > Oh boy, here we go.
> > Those are hidden by use of TLS.
> Have you not been following the weaknesses intrinsic
> to SMTP discussions?
> Yes, they are hidden in TLS transport on the wire.
> No, they are not hidden in core or on disk at
> the intermediate and final message transport
> nodes. That's bad.

And I don't think they're hidden in any meaningful way on the server-to-server 
wire. As in: whose mailserver validates TLS of the destination server?

That's actually an interesting research question. This goes for other semi-
decentralised, client-server services like XMPP for instance.

And even if they do validate it, thinking that NSA et al do not have root 
certs allowing them to MITM the communication as they wish is naivety.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140516/ee462c44/attachment-0002.sig>

More information about the cypherpunks mailing list