On Wed, 20 Mar 2019, DAMY gustavo wrote:
But pEp is also based on MIME (which requires trust on at least one centralized CA which falls into the centralized infrastructure isn't it ?)
MIME does not require a centralized CA. I presume your mean S/MIME. pEp is not based on S/MIME. However, pEp is working on interoperability with S/MIME.
And yes I agree bad guys could use this as well (but probably they already do it anyway) so through pEp + DMARC it wouldn't be even safer to exchange messages finally an easy way to have End to end encryption using open protocols for webmail (and not just rely on existing APPS/SW) implementations?
This depends on the requirements or threat scenarios a system is based on. If Privacy is top priority, I see no other way than using a true end-to-end system.
cheers, Bernie _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
