>But I'm not sure what native would look like. After Lavabit, would the
>type of folks who use pgp actually trust our implementation if they
>couldn't see it and verify it?

In my experience there are two kinds of PGP users. One is the hard core who go to key signing parties with their passports in their pockets. The other is the casual ones who get keys from keyservers when they send moderately touchy stuff.

The latter group would probably be OK with your implementation. The others would not, so they'd have to use POP/IMAP/SUBMIT and do the crypto at home.

>Also, the spam problem becomes challenging in that environment...

For the latter group, you can ask them if it's OK to use their keys for spam filtering and they'll probably say it is. For the former group, it's a problem. Of course, they're only likely to exchange encrypted mail with a tiny set of friends, so perhaps you could say that if the sender's key isn't in someone's address book, rate limit it down to one or two messages per day. That gives an opportunity for initial contact, at least until the spammers figure out that their botnets have plenty of CPU to invent a new identity and a new key for every spam.

R's,
John
_______________________________________________
mailop mailing list
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
