This is everything *but* PRISM-proof: it doesn't solve the metadata issue
and your directory server containing public keys could very well be forced
by a law enforcement agency (in the best case scenario, because it could
also be the mafia) to answer with the FBI/mafia public key on any request made
to it.

On Monday, August 26, 2013, Richard Salz wrote:

> I don't think you need all that much to get good secure private email.
> You need a client that can make PEM pretty seamless; reduce it to a
> button that says "encrypt when possible."  You need the client to be
> able to generate a keypair, upload the public half, and pull down
> (seamlessly) recipient public keys.  You need a server to store and
> return those keys. You need an installed base to kickstart the network
> effect.
>
> Who has that?  Apple certainly; Microsoft could; Google perhaps
> (although not reading email is against their business model). Maybe
> even the FB API.
>
> It's not perfect -- seems to me the biggest weakness is (a) the client
> could double-encrypt for TLA's to read, or (b) it could give you the
> wrong key so your mail only goes to the bad guy -- but it's a hell of
> a lot better than we have now and I'd say it's more than good enough.
>
> Thoughts?
> _______________________________________________
> The cryptography mailing list
> cryptography@metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>


-- 
Alexandre Anzala-Yamajako