Jon Callas wrote:
On Nov 1, 2007, at 10:49 AM, John Levine wrote:
Since email between hushmail accounts is generally PGPed. (That is
the point, right?)
Hushmail is actually kind of a scam. In its normal configuration,
it's in effect just webmail with an HTTPS connection and a long
password. It will generate and verify PGP signatures and encryption
for mail it sends and receives, but they generate and maintain their
users' PGP keys.
There's a Java applet that's supposed to do end to end encryption, but
since it's with the same key that Hushmail knows, what's the point?
I'm sorry, but that's a slur. Hushmail is not a scam. They do a very
good job of explaining what they do, what they cannot do, and against
which threats they protect. You may quibble all you want with its
*effectiveness* but they are not a scam. A scam is being dishonest.
You also mischaracterize the Hushmail system. The "classic" Hushmail
does not generate the keys, and while it holds them, they're encrypted.
The secrets Hushmail holds are as secure as the end user's operational
security.
Seconded. the java applet is effectively a mail client, a copy of gpg,
and a copy of the secret keyring; the public keys are looked up on the
server though, and I suspect/assume that the messages are no more or
less secure at the hushmail side than your own pgp mail would be on a
isp imap server (i.e., you could get traffic information trivially just
by looking, but message content would require being lucky with the
keyphrase or active co-operation from hushmail to give you a "gimmicked"
client the next time you log in that reveals that information.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]