On 09/06/2013 12:52 PM, Nicolai wrote:
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
On 09/06/2013 11:19 AM, Nicolai wrote:
That's true -- it is far easier to subvert email than most other services, and in the case of email we probably need a wholly new protocol.
Uh, a first step might be to just turn on [START]TLS. We're not using the tools that have been implemented and deployed for a decade at least. Agreed. Although some people are uncomfortable with OpenSSL's track record, and don't want to trade system security for better-than-plaintext network security.
But the deeper issue is coercing providers to give up mail stored on private servers, bypassing the network altogether. TLS doesn't address this problem. Short term: deploy [START]TLS. Long term: we need a new email protocol with E2E encryption.
I'd say we already have those things too in the form of PGP/SMIME. Who knows what the NSA can break, but it's just not right to say that we need new protocols. The means has been there for many years to secure email (fsvo 'secure'), it's just that it's not terribly convenient so we just don't for the most part. Mike