On 20 Apr 2017, at 17:22, Paul Wouters <paul(_at_)nohats(_dot_)ca> wrote:
generate a key pair on registration, store those keys on the server (in
an encrypted archive), and make the public key available. A little
coding later and we've got key exchange and message confidentiality.
SMTP servers could be key servers without having the private key of
individuals?
Sure. If they double as HTTPS servers.
I want to send you an email, so I type “paul(_at_)nohats(_dot_)ca
<mailto:paul(_at_)nohats(_dot_)ca>” in the To: field, and my MUA goes to
https://mail-public-keys.nohats.ca/.well-known/mail-pubkeys/paul
<https://mail-public-keys.nohats.ca/.well-known/mail-pubkeys/paul> and that
gets your public key.
And now my MUA can encrypt. And it all works, as long as we trust nohats.ca
<http://nohats.ca/> (and conversely gmail.com <http://gmail.com/>) and as long
as you have a copy of your private key on every single MUA that you use.
Small assumptions, no?
Yoav
signature.asc
Description: Message signed with OpenPGP