There's also an experimental RFC7508 "Securing Header Fields with S/MIME"
plus RFC5751 mentions using message/rfc822 though that is not completely
specified. One issue likely common with these approaches is keeping
private the sender and recipient(s). I've pitched the idea of doing some
form of onion routing to mitigate that. Hopefully these are things folks
would be interested in pursuing.
On Fri, Apr 1, 2016 at 9:43 AM, John R Levine <johnl(_at_)taugh(_dot_)com>
If people are unaware, protection of email headers (for PGP) is
progressing at https://modernpgp.org/memoryhole/ (although it may be a
This looks like the usual approach of wrapping the message in an outer
message with all of the headers genericised. Ned Freed has said this has
severe patent problems. I don't know the details.
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
smime mailing list