On 19/07/14 00:34, Ingo Klöcker wrote: > Sure. But the NSA already knows the correspondents of all of our mail > anyway. Keyserver lookups do not add any additional data
Pssh. What an argument. Please refrain from such useless rhetorics. > But the keyserver (owner) has to be trustworthy anyway. First of all, "trustworthy" is a really ill-defined notion. Should I give them my credit card? Secondly: why? Why does a keyserver need to be trustworthy? In fact, why do I even need a keyserver? It's a convenience. But I can just exchange keys with my peers. I don't need to trust any keyserver operator. Unless it is silently done behind my back, that is. Here's an idea: when elliptic curve becomes ubiquitous, simply include your public key in the header of every e-mail you send. That's way closer to how SSH works, since it uses only one channel, in this case the e-mails themselves. Perhaps it would be a good idea to only include the actual EC public key, and not the whole OpenPGP packet, to keep it small. You say signing isn't covered... I don't see why not. Just as you automatically decrypt; automatically sign. There still is the large issue of private key distribution. I have several machines all connected to my e-mail account. It seems to me there's a *lot* of infrastructure still missing for this to be almost transparent to the end-user. This topic, if discussed at all, should be discussed by itself and not as some kind of counter-offer to symmetric encryption, because the problem space is vastly different. By the way: if we had a working alternative to SSL/TLS, all the mail servers could talk to eachother securely without eavesdropping. That way the contents of e-mails is only exposed on the sending SMTP server and the receiving SMTP and mailbox servers (f.e., IMAP). The mailbox server already knows when you use automatic decryption to facilitate searching, and the receiving SMTP server is probably under the control of the same people that control the receiving mailbox server. So they are probably about equally difficult to access. And likewise, the sender will have a decrypted copy in his Sent folder on his mailbox server, and the sending SMTP server is again close to that server. So if only we had a way to properly authenticate SMTP servers, I think we get almost the same effective protection for the users, albeit without signatures. And this requires only changes to a "couple of" servers, instead of to all endpoints. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
