On 16/11/12 13:44, Eugen Leitl wrote:
>>> Alternatively, the FBX could act as a PGP proxy for an existing
>>> email account: the FBX would encrypt email before sending it to
>>> the existing
>
> This is a bad solution, as you will need an email account with a
> third (corporate, subpoenable, gag-orderable) party, and will need
> to tell your FBX what smarthost or relay to use. StartTLS doesn't
> help you if your relayhost is rotten.
>
> If you want your FBX to be unaffected by third parties, you will
> need a darknet, period. The sooner you get this, the sooner we can
> move on and start implementing this.

I'm very much in favour of building darknets, but I also want to be able to communicate with people who don't (yet) use the same darknet as me. I'd like that communication to be as secure as possible. It can't be perfectly secure, but we can improve on the status quo.

The system I described improves on the status quo in two ways: it opportunistically encrypts outgoing email whenever the recipient's PGP key is available, and it removes incoming email from the provider's POP/IMAP server as quickly as possible.

If the sender and recipient are both using the system, they'll have comparable security to a darknet. If only one of them's using the system, they'll have better security than the status quo, and they'll still be able to communicate until the second one adopts the system (if ever).

> PGP doesn't scale due to key management issues, though there are
> nice ways like Steed http://lwn.net/Articles/464137/
> http://code.google.com/p/gpg-mailgate/
>
> Notice you will need a DNS substitute anyway (e.g. pseudo domain
> .fbx) so you can use that to publish your keys for Steed.

Thanks for the link. The system I described doesn't require a DNS substitute. However, it does depend on an anonymity system like Tor or I2P for keyserver lookups, in order to make selective MITM attacks more difficult.

> Your IMAP server should be on your FBX.

Yes, in an ideal world we'd all run our own mail servers. In the real world it's not possible to run a mail server on a home broadband connection, and darknet substitutes for email aren't used by the majority of people. So if we want to be able to communicate with those people we need to consider short-term incremental improvements on the status quo, *as well as* working on long-term solutions like darknets.

Cheers,
Michael

_______________________________________________
Freedombox-discuss mailing list
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
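
Added example (not part of the original message and not FreedomBox code): the opportunistic outgoing-mail rule described in this message, splitting recipients into one PGP/MIME (RFC 3156) copy and one cleartext copy. `lookup_key` and `encrypt` are hypothetical hooks standing in for a keyserver query and GnuPG; the addresses, key id and stub ciphertext are constructed.

```python
import copy
from email import encoders
from email.message import EmailMessage
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart

def pgp_mime(original, armored):
    """Wrap armored ciphertext in an RFC 3156 multipart/encrypted message."""
    outer = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    for name in ("From", "To", "Subject"):  # these headers stay in the clear
        if original[name]:
            outer[name] = str(original[name])
    outer.attach(MIMEApplication("Version: 1\n", "pgp-encrypted",
                                 encoders.encode_7or8bit))
    outer.attach(MIMEApplication(armored, "octet-stream",
                                 encoders.encode_7or8bit))
    return outer

def plan_delivery(msg, recipients, lookup_key, encrypt):
    """Return [(recipients, message)]: an encrypted copy and/or a clear copy."""
    keys = {addr: lookup_key(addr) for addr in recipients}
    keyed = [a for a in recipients if keys[a]]
    unkeyed = [a for a in recipients if not keys[a]]
    plan = []
    if keyed:
        inner = copy.deepcopy(msg)  # encrypt only the MIME body part
        for name in set(inner.keys()):
            if not name.lower().startswith("content-"):
                del inner[name]
        armored = encrypt(inner.as_bytes(), [keys[a] for a in keyed])
        plan.append((keyed, pgp_mime(msg, armored)))
    if unkeyed:
        plan.append((unkeyed, msg))  # no key found: deliver as today
    return plan

def demo():
    keyring = {"alice@example.org": "0xCONSTRUCTED"}  # constructed key id
    def stub_encrypt(data, key_ids):  # stand-in for GnuPG, NOT encryption
        return ("-----BEGIN PGP MESSAGE-----\n\n(stub, %d bytes)\n"
                "-----END PGP MESSAGE-----\n" % len(data))
    msg = EmailMessage()  # constructed sample message
    msg["From"] = "michael@example.org"
    msg["To"] = "alice@example.org, bob@example.org"
    msg["Subject"] = "lunch"
    msg.set_content("meet at noon\n")
    return plan_delivery(msg, ["alice@example.org", "bob@example.org"],
                         keyring.get, stub_encrypt)
```

The Subject line and the cleartext copy for keyless recipients remain readable by the relay, which is the "better than the status quo, not perfect" trade-off the message describes.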
