On Friday 06 December 2013 10:10:41 Werner Koch wrote: > On Thu, 5 Dec 2013 21:38, kloec...@kde.org said: > > Unfortunately, I think email is a lost cause because there are so > > many different mail clients that will never support encryption. I > > think we > > Please name those email clients. I am not aware of any mainstream > mail cleint without encryption support (yes, Notes, but that is not > mainstream). The real problem are webmailers.
Exactly. Webmailers was what I was thinking about. And probably mail clients used on mobile devices. I don't know how many of those support encryption. > > have a much better chance to replace email with something new that > > has end-to-end encryption (and probably also authentication) built > > in than we have to fix email. > > There are some groups proposing this for some time now. A few of them > have an obvious business case for their new system. > > However, mail will stay with us because everything works by mail. > Mail has replaced letters, folder and files cabinets. You can't > replace that with an online communication system, much as it is not > possible to replace documents with phone call. Mail is not done for > the communication but for documenting transactions. Where? AFAIK, in Germany, we still have to send faxes or registered letters with reply advice because email is not approved. (Well, maybe de-mail or whatever it's called is, but who's using that?) > A business needs > to retain most of its communication for 10 years and more. In > Germany you are even required to archive certain private mails for 2 > years (invoices by craftsmen). The online media is by design not > able to fulfill such requirements. What do you mean by "online media"? Is de-mail such an "online medium"? > Well, some are saying “you may send an attachment” using our system. > But in this case you are back to standard mail with just a different > transport layer (i.e. no RFC-821). RFC-822 will stay with us and it > is actual trivial to secure. Given that anonymity is very hard to > impossible to achieve using the current internet infrastructure, I > would also claim that SMTP will stay for the foreseeable future. > STARTTLS is security wise not very different from https and has a > chance to work reliable as soon as we have working mechanism to > replace PKIX. I don't dispute that. And yes, key exchange is the real challenge. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
