On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
> On 09/06/2013 11:19 AM, Nicolai wrote:
>> That's true -- it is far easier to subvert email than most other services, and in the case of email we probably need a wholly new protocol.
>
> Uh, a first step might be to just turn on [START]TLS. We're not using the tools that have been implemented and deployed for a decade at least.

Agreed. Although some people are uncomfortable with OpenSSL's track record, and don't want to trade system security for better-than-plaintext network security. But the deeper issue is coercing providers to give up mail stored on private servers, bypassing the network altogether. TLS doesn't address this problem.

Short term: deploy [START]TLS. Long term: we need a new email protocol with E2E encryption.

Nicolai