On Sun, Sep 14, 2014 at 4:13 AM, Wei Chuang <[email protected]> wrote: > > > On Sat, Sep 13, 2014 at 10:54 AM, Werner Koch <[email protected]> wrote: >> >> On Fri, 12 Sep 2014 19:48, [email protected] said: >> >> > 1) S/MIME doesn't fully protect users mail envelope metadata. For >> > example >> > the recipient and envelope-sender must be visible to the intermediate >> > SMTP >> >> If you want that, it is easy to put the messaqge into a message/rfc822 >> mail container and use faked subject and other mailer header. > > > Right I agree that there is a RFC5751 sec 3.1 > (http://tools.ietf.org/html/rfc5751#page-18 ) that mentions the > message/rfc822, but unless I'm missing something one still has to specify > the intended recipient, and a return path. Even if the body and most > headers were wrapped hence private, an adversary could still find the > sender/recipient information very useful.
I suggest that we stick to exchanging endymail with disclosure of the routing information before we go on to the traffic analysis prevention problem. It is possible to prevent traffic analysis but that is a transport issue pretty much by definition. So it would suggest we look at S/MIME + TLS rather than one alone. And if they don't serve then we look at Tor and Mixmaster... _______________________________________________ Endymail mailing list [email protected] https://www.ietf.org/mailman/listinfo/endymail
