
Re: [openpgp] Reducing the meta-data leak

2016-01-04 19:24:19
On 5/01/2016 11:43 am, Daniel Kahn Gillmor wrote:

> fwiw, there is effort going into protecting some of the SMTP/RFC822
> metadata (see the discussions in shutup(_at_)ietf(_dot_)org), which would make
> this kind of work within OpenPGP more valuable than it currently is
> in the full-metadata-wrapped OpenPGP e-mail use case.

With a list name like that I'm just going to have to check it out.

> Removing the metadata of who a message is for seems likely to require
> either:
>
>  a) trial decryption on the recipient side (problematic for smartcard
>     and multiple-secret-key setups, as Neal and Werner pointed out), or
>
>  b) some sort of ratcheted shared state between sender and recipient
>     (e.g. a briar- or axolotl-style esk, which might provide other nice
>     features, like "deletable" ("forward-secret") messages)
>
> While (b) is out of scope for us here until we get 4880bis sorted, if
> someone wanted to experiment with that and report back, I'm sure it
> would be interesting to several people on the list.
>
> Or maybe there's a (c) option?

There is, but I can't recall if I've mentioned it on this list or not,
but I know it's been mentioned on gnupg-users because that's how I
found out about it:

http://www.confidantmail.org/

An attempt at side-stepping SMTP entirely and replacing the transport
method with one of the methods used by BitTorrent.  It relies on GPG
for the message encryption and everything is contained within the
encrypted zip.  The only addressing metadata is the key UID which is
of the format of:

any-damn-thing-you-like@somehost-including-tor-hidden-sites-and-i2p-it-doesn't-care

It even includes a clever means of achieving forward secrecy, but
arguably it could benefit from hiding the OpenPGP metadata a little
better.


Regards,
Ben
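An added illustration (my example, not code from Ben, Daniel, or any project named in the thread) of the metadata under discussion: the recipient Key ID carried in each Public-Key Encrypted Session Key (PKESK) packet of an OpenPGP message, and the all-zero wildcard Key ID that RFC 4880 section 5.1 permits for a hidden recipient, which is exactly what forces the trial decryption of option (a). The packet builder and sample bytes are constructed here; the parser handles old- and new-format headers but not partial-body or indeterminate lengths.

```python
import struct

PKESK_TAG = 1                  # Public-Key Encrypted Session Key packet (RFC 4880 5.1)
WILDCARD_KEY_ID = b"\x00" * 8  # "hidden recipient": decryptor must try every secret key

def parse_packets(data: bytes):
    """Yield (tag, body) for each packet; handles old- and new-format headers."""
    i = 0
    while i < len(data):
        ctb, i = data[i], i + 1
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if ctb & 0x40:                       # new format: 6-bit tag, variable length
            tag, first, i = ctb & 0x3F, data[i], i + 1
            if first < 192:
                length = first
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i] + 192, i + 1
            elif first == 255:
                length, i = struct.unpack(">I", data[i:i + 4])[0], i + 4
            else:
                raise ValueError("partial body lengths not supported")
        else:                                # old format: 4-bit tag, 2-bit length type
            tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            length, i = int.from_bytes(data[i:i + (1 << ltype)], "big"), i + (1 << ltype)
        yield tag, data[i:i + length]
        i += length

def recipient_key_ids(data: bytes) -> list:
    """Key ID (hex) named by each v3 PKESK, or 'hidden' for the all-zero wildcard."""
    ids = []
    for tag, body in parse_packets(data):
        if tag == PKESK_TAG and body[0] == 3:
            key_id = body[1:9]
            ids.append("hidden" if key_id == WILDCARD_KEY_ID else key_id.hex().upper())
    return ids

def build_pkesk(key_id: bytes, new_format: bool = True) -> bytes:
    """Constructed v3 PKESK: version, key ID, algo 1 (RSA), 16-bit MPI with dummy bytes."""
    body = b"\x03" + key_id + b"\x01" + b"\x00\x10\xab\xcd"
    ctb = (0xC0 | PKESK_TAG) if new_format else (0x80 | (PKESK_TAG << 2))
    return bytes([ctb, len(body)]) + body

# Constructed sample: one visible recipient, one hidden (wildcard) recipient.
SAMPLE = build_pkesk(bytes.fromhex("0123456789ABCDEF")) + build_pkesk(WILDCARD_KEY_ID, False)
```

Running `recipient_key_ids(SAMPLE)` shows the first recipient's Key ID in the clear and only "hidden" for the second, which is the trade-off DKG describes: the wildcard removes the identifier but leaves the receiver to try every available secret key.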

