On 10/24/2013 12:50 PM, Wei Chuang wrote:
To me it seems that a comprehensive approach to encrypting email
traffic actually needs to cover three separate cases: (1) mail
relaying, (2) MUA-MSP interactions, and (3) end-to-end
encryption. Cases (1) and (2) are similar in goal - protect
emails being transmitted over the network from eavesdroppers and
active attacks - but subtly different in implementation. Case
(3) protects emails from being disclosed to servers which are
operated by third parties and which might be compromised. None
of these is sufficient by itself, because (1) and (2) by
themselves don't protect the messages while they're stored on
third-party servers, and (3) doesn't protect against traffic
analysis - which when dealing with mass surveillance seems to be
as important as protecting the actual contents of the messages.
Of these, the most difficult problem seems to be (3). Solutions
for (3) e.g. PGP and S/MIME have been around for a long time, but
they haven't been widely deployed. This seems like an area that
is worth revisiting.
+1 (While I'm one of the authors of a TLS based approach, I'd also
like to see more discussion/ideas of privacy protecting end-to-end
One idea I've wondered about is whether social networks (perhaps with
real-time video conferencing) can be leveraged to assist web-of-trust
style key signing.
ietf-smtp mailing list