On Mon, Sep 1, 2014 at 9:49 AM, Eliot Lear <[email protected]> wrote:

> 1. Find a public key for the user that the sender’s prepared to trust.
> ...
>
> If the IETF could solve but this problem such that it scales to the size of
> the Internet, everything else on your list would I think fall into place.

These days, I’m all excited about the keybase.io model. Since I’ve already held forth on this, let me just add that anyone who’s interested in a closer look, it’s in closed beta but I have loads of invites, shoot me an email and I’ll ask you in.

NOTE: I haven’t developed an opinion yet about the actual keybase.io project itself because I don’t fully understand what they’re trying to be. But I find the model genuinely exciting.

> Unfortunately, key management really wasn't on your list, and that has to be
> addressed as well.

Good point, I agree 100%. I’m aware of some mobile apps that are taking a seriously-good run at solving the UX part of the problem; obviously, that’s just as hard/important as the crypto and data security and so on. I’m starting to wonder if maybe hardware-based approaches along the lines of what the FIDO people are working on are the best approach: Your data is key is on your keychain; physically, in your pocket, right beside your house key.

> Also, I suspect that email programs probably need to
> evolve a bit to cope with all of this. Case and point: I'm pretty sure I've
> lost one or two private keys along the way. And, at least compared to your
> average Joe, I'm good at this.
>
> BTW, it all has to happen without asking for matching keys. Enigmail does a
> pretty good job of that already. That's a pretty good model for UI (I
> hazard a guess), and so stay focused on how to get it to function to scale.
> It may make sense to use some form of OTR for end-to-end transit. But again
> I wouldn't want to count on OTR for data at rest.
>
> Eliot

--
- Tim Bray (If you’d like to send me a private message, see https://keybase.io/timbray)

_______________________________________________
Endymail mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/endymail
