> This is everything *but* PRISM-proof

I wasn't trying to be PRISM proof, hence my subject line. The client and keyserver could help thwart traffic analysis by returning a few "extra" keys on each request. The client then sends a structure message to some of those keys that the receiving client recognizes and ignores.

> and your directory server containing public keys could very well be forced
> by a law enforcement agency (in the best case scenario because it could
> also be the mafia) to answer the fbi/mafia public key on any request made to

So what? Your content might get sent to the wrong person, but that can be avoided with that old PKI favorite, out of band verification. If it's necessary.

> [bitcoin] has the user base

No it doesn't. Not by orders of magnitude compared to the few I mentioned. Nor does it have a mail client last I checked. (I guess Chrome doesn't either, but that could be fixed with a couple of quick, and silent, updates.)

> you just described PGP universal

I never said it was new. The combination of size of the populace using an out of the box mail client that has this happen seamlessly, however, would be new.

> Traffic analysis is the problem

Do you really think that for most people on the planet, that it is?

Hey folks, go off and design your perfect secure system. Build a prototype or alpha-test even. And then watch while the millions of people who could benefit from private email, and the few who could use it as an infrastructure to build more services, ignore you.

Sigh.

/r$

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography