On Fri, 09 May 2014 13:36:54 +0200 rysiek <[email protected]> wrote:
> Dnia wtorek, 6 maja 2014 20:27:04 Scott Blaydes pisze: > > On May 5, 2014, at 9:05 AM, rysiek <[email protected]> wrote: > > > Dnia poniedziałek, 21 kwietnia 2014 00:30:42 Stephen D. Williams > > > pisze: > > >> Probably people just need two email clients: One for non-secure > > >> email, another that only sends secure messages. > > > > > > Well, instead of the latter, one can use RetroShare with great > > > results: http://retroshare.sourceforge.net/ > > > > > > You can use it as a replacement for other kinds of communication, > > > too. Like > > > VoIP: > > > http://rys.io/en/129 > > > > You had me till this line in the description: > > "using a web-of-trust to authenticate peers and OpenSSL to > > encrypt all communication” Not feeling like trusting more things to > > OpenSSL right now. Lets see how LibreSSL turns out and see if it > > can be switched. > > Good point; still better than most alternatives. One biggie for me is > that there is no way to send an unencrypted message via RetroShare. > I.e. no way for the user to fsck up. > > I find OpenSSL use in RetroShare a smaller problem than the fact that > a user of any GPG-enabled e-mail client can actually send an > unencrypted e-mail and... not notice that until its too late. Not to > mention metadata (sender, addressee, topic, etc, not being > GPG-encrypted). SSL is broken and the metadata is in fact a huge problem. Also, users want the convenience of a webinterface or to keep their existing email clients. In my opinion, that problems can only be solved by a hardware solution. We just did that. Here is how it works: https://enigmabox.net/en/cjdns-en/ Cheers, 42 -- 42 <[email protected]>
