PGP actually does work well with web mail. There are two libraries which do pgp encryption, there are 3 that I know which do AES-SHA256-CBC-PKCS7. There are at least two libraries which do pkdf2 sha 256.
There is also one library which does AES-SHA256-GCM, but I'm not sure if it does pkcs7 or not. (or whether padding is incorporated into GCM, need to research). Looking up keys on a pgp key server is trivial, registering a key is also trivial. --- However there are some legitimate concerns. The most important to my mind are javascript injection attacks. For instance, let's say the NSA takes over your web-mail server. You think, "well my users' data is fine, because all of the encryption is happening client side, I never see any of the keys, etc." However the NSA could *force* you to place code inside your server which tells the client to send the keys to you randomly. This would be difficult (not impossible) to detect, and when executed *once* would completely destroy the privacy of the target machine forever. Generally these days, (at least the conversations I've been reading), people are talking about making "plugins" out of the client side code and protecting them through the app store. So, I download the app for the client, I check it's signature. It *NEVER* downloads code again. I think there are some other solutions to this problem, which I could babble about, but won't right here. However, there are still attacks. For instance, I'm the NSA, I've spent the hours necessary reading through your code to know that if I write you an email with SO-and-SO pattern, when you display that e-mail my script will be run. That script then would destroy the privacy. This is a very hard attack to guard against. --- In my webmail I'm developing (I wrote one previously using GWT which was too complicated, too difficult to maintain and enhance, this one is much simpler). My goals are three fold: 1. raise the cost of the NSA exponentially. I want them to have to spend considerable time for each target, instead of just "hey Google, give me these 20,000 peoples' email." 2. re-normalize the idea of privacy. Google has pretty much destroyed privacy. And they are trying to destroy anonymity as well. I believe it is important to have by this year's end at least 10 services running which re-normalize privacy in e-mail. Each service hopefully will castigate Google and call them for what they are. 3. give "good" security. Nothing will protect you if you are *actually* some terrorist or something, but it would be nice if we weren't being big-brothered *all* of the time. --- I encourage you to look at those others people referenced. Also, if you care to, take a look at mine as well. https://github.com/timprepscius/mv If you need any help setting up a server, let me know. If you are versed in sys-admin, it should take 5 minutes to get a VM running, or use something like DigitalOcean. The benefits of my server, (I think), is that you should be able to change how it looks and feels without changing any of the fundamental code. Meaning you can change the html templates and css and what not, and it will still function correctly. It uses Backbone, so the rendering is clearly separated from the code/models. Anyhowz, If you are looking for perfect security, web mail is not the way to go. Hopefully a plugin will be able to provide near-ish the same security that a standalone program with no javascript interpreter might. But that doesn't mean that PGP WebMail won't be a billion-million times better than gmail. (can't wait to leave it! so close, soon soon) Good night, -tim _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
