I'm a big fan of TextSecure, but comparing TS and Email ignores many of the difficult problems TS has been able to dodge that email cannot.
The biggest one I'll put forth is Key Authenticity[0]. I'm not talking about the fingerprint comparisons (they're about the same there.) In TS, I ask the central TS server "What's the key for Watson Ladd <1 555 123 4567>" and it gives me a key that I can reasonably believe is yours. TS is the central authority. Email's central authority would obviously be federated at the provider, but now we're gated on our email providers supporting some sort of Key Directory. Google and Yahoo are going to do this, but that doesn't solve the problem for everyone. This was solved for DNSSEC with the DLV - a central authority everyone agreed was able to provide you with a server's keys. Who will be the Email Lookaside Vector? Who will everyone agree to trust? There are other very difficult problems TS dodges, but an email solution must confront immediately. To be honest I'm not entirely certain TS' current mechanism for resolving some of these, maybe someone more familiar with TS' implementation can comment? - Multi-Device. TS is by-and-large single device. I thought at some point they had support for multi-devices - and I thought that worked by me giving the central directory multiple keys, and senders encrypted to all of them. I assume the central directory authenticated the user using the user's phone number. When people envision seemless email encryption they usually envision it detecting that the recipient has a key and either prompting the sender to encrypt or just encrypting automatically. - Privacy. TS sends your entire address book to the server and tells you which contacts have TS. Are we going to do this for email? Or are we going to do per-email queries? How does it handle the "user is composing offline" case? In TS, you can't send a message to someone who doesn't have a key - that problem doesn't exist. I'm confident there are others, I half-composed a few more, but I'll leave them to another time. On 2 June 2015 at 00:07, Watson Ladd <[email protected]> wrote: > It's clear to me that this isn't easily fixable by standards work > alone I agree. > much of the damage is baked in to the functioning of S/MIME and > PGP. I'm not sure I agree with this point though. PGP at least is flexible enough that you don't care about interoperability, you can select a subset of functionality and build your system on top of that. And then if you reach critical mass, you can make people want to interoperate with *you*. Which is basically what Google did, Yahoo followed suite, and if they succeed as much as they wish to - we will in turn follow. > What needs to happen is that we need to come up with good ideas > around key management that are actually deployable, and provide the > semantics people want. I agree-ish. I think we need to come up with good implementations and user experiences of key management - not just ideas. -tom [0] I say Authenticity instead of Discovery, because one can reasonably point to a Keyserver and say "Discovery is solved." But the on the scale of Authenticity, keyservers have zero, and a central directory has "some, but not all".
_______________________________________________ Endymail mailing list [email protected] https://www.ietf.org/mailman/listinfo/endymail
