How to have your encrypted mail in two places at once
Mike Ingle
mike at confidantmail.org
Wed Mar 4 00:34:17 PST 2015
On 3/3/2015 2:16 AM, stef wrote:
> two things:
>
> 1/ stop beating the dead horse (email)
>
That's a silly thing to say on a mailing list, lol. Obviously the medium
is still useful.
SMTP, however, is an old and lame horse that ought to be turned into glue.
The best way to do that IMHO is make a new protocol, use them in parallel,
and wait until the old one becomes a big enough nuisance to go away. That
is what I am trying to do here.
> 2/ there is (or at least should be) a huge difference for cryptograms
> encrypted in transit between peers, and data resting and being queried by
> only one person.
>
Yes, data at rest is encrypted with things like DiskCryptor and
cryptoloop. Data going over a wire is encrypted with TLS. A message
addressed to a particular person (to whom you do not have a live
connection) is best encrypted with something like GPG. You need all
three for a secure messaging system.
> 3/ protocols like pond which address adversarial progress over the years
> should be preferred over outdated and broken protocols. but i guess i'm
> repeating 1/ already.
>
>
Which adversarial progress are you referring to? GPG has proven itself
robust over the years, and Confidant Mail does not use SMTP.
If you mean forward secrecy, I'm working on that. In the meantime I'd
still rather trust GPG than some unknown protocol. If my private key gets
stolen that's my own fault for being careless.