ietf-mailsig
[Top] [All Lists]

User-to-User or Server-to-Server mail encryption

2004-09-19 05:05:06

Currently this list discuss one of problems - validation of email author to 
_possibly_ prevent spam/abuse.

But how about email privacy ? 
Nobody at post-office allowed to read your regular (paper) mail. 
But why all kinds of email filters constantly dig for keywords inside your 
messages ?

Why nobody discuss email-encryption/signing solutions ?
If we will send each-other a  gzip-compressed, encrypted and signed files - 
this will definitely solve a lot of problems.
 
No worry about canocalization, no worry about prepended/appended content at old 
non-compatible MTAs, no worry about your email read
by business competitors, no worry about email author, as well this can result 
in email traffic decrease (useless feature nobody care
about ;-)

Each mail server can announce in DNS that it accept such a emails and decoding 
will done at server-side or optionally if user really
need this - at end-user computer.
Everything will be transparent. 

In contrast from SSL/TLS - this will be sender-receiver encryption, not a 
hop-to-hop.
In contrast from user-level SMIME/PGP - this will offer some transparency for 
users. 
Offload key management and signing/decryption to email servers or email-proxies 
(this is much easy compared to change all MUA
software).

What do you think about this ?
How about making content of all emails secure ?
--
Andriy G. Tereshchenko
Odessa, Ukraine


<Prev in Thread] Current Thread [Next in Thread>