On Fri, 13 Sep 2013 16:55:05 -0400 John Kelsey <crypto....@gmail.com> wrote: > Everyone, > > The more I think about it, the more important it seems that any > anonymous email like communications system *not* include people who > don't want to be part of it, and have lots of defenses to prevent > its anonymous communications from becoming a nightmare for its > participants. If the goal is to make PRISM stop working and make > the email part of the internet go dark for spies (which definitely > includes a lot more than just US spies!), then this system has to > be something that lots of people will want to use. > > There should be multiple defenses against spam and phishing and > other nasty things being sent in this system, with enough > designed-in flexibility to deal with changes in attacker behavior > over tome.
Indeed. As I said in the message I just pointed Nico at: http://www.metzdowd.com/pipermail/cryptography/2013-August/016874.html Quoting myself: Spam might be a terrible, terrible problem in such a network since it could not easily be traced to a sender and thus not easily blocked, but there's an obvious solution to that. I've been using Jabber, Facebook and other services where all or essentially all communications require a bi-directional decision to enable messages for years now, and there is virtually no spam in such systems because of it. So, require such bi-directional "friending" within our postulated new messaging network -- authentication is handled by the public keys of course. > Some thoughts off the top of my head. Note that while I think all > these can be done with crypto somehow, I am not thinking of how to > do them yet, except in very general terms. > > a. You can't freely send messages to me unless you're on my > whitelist. That's my solution. As I note, it seems to work for Jabber, Facebook and other such systems, so it may be sufficient. > b. This means an additional step of sending me a request to be > added to your whitelist. This needs to be costly in something the > sender cares about--money, processing power, reputation, solving a > captcha, rate-limits to these requests, whatever. I'm not sure about that. Jabber doesn't really rate limit the number of friend requests I get per second but I don't seem to get terribly many, perhaps because fakes at most could hide some attempted phish in a user@domain name, which isn't very useful to scammers. > g. The format of messages needs to be restricted to block malware, > both the kind that wants to take over your machine and the kind > that wants to help the attacker track you down. Plain text email > only? Some richer format to allow foreign language support? My claim that I make in my three messages from August 25 is that it is probably best if we stick to existing formats so that we can re-use existing clients. My idea was that you still talk IMAP and SMTP and Jabber to a server you control (a $40 box you get at Best Buy or the like) using existing mail and chat clients, but that past your server everything runs the new protocols. In addition to the message I linked to above, see also: http://www.metzdowd.com/pipermail/cryptography/2013-August/016870.html http://www.metzdowd.com/pipermail/cryptography/2013-August/016872.html for my wider proposals. I agree this makes email delivered malware continue to be a bit of a problem, though you could only get it from your friends. Perry -- Perry E. Metzger pe...@piermont.com _______________________________________________ The cryptography mailing list email@example.com http://www.metzdowd.com/mailman/listinfo/cryptography