I think we can agree that the first step is to deploy home servers, and that
the first application there would  to host communication applications. Just
doing that without much other change would already provide protection
against the "silent spying" that goes on in big cloud servers.

Initial deployment of anything must provide an immediate reward to the early
adopters. You cannot rely on a network effect, and that means you can
certainly not request third parties to adopt a new protocol. So better pinch
our noses and say that, of course, we will accept SMTP mail. Probably SIP as
well, and XMPP. We just need at first to make sure that the home server is
easy to deploy and maintain. Then the adopters get the immediate reward,
"nobody can go through my mail archives without asking me."

The various P2P enhancements come next, once there already is a network of
home servers. The obvious one is a communication application that beats
traffic analysis by embedding its own "shuffling" or "onion routing." I
don't think we can run anything like that directly on a phone, it would
drain the battery way too quickly.

-- Christian Huitema

The cryptography mailing list

Reply via email to