> b) synchronizing the complex and changing keystore (pairwise state > between all correspondents) between multiple e-mail clients, since > many people use multiple MUAs to access a single mailbox
The obvious place to put the data is the mailbox. Mail servers via imap
are pretty okay at synchronizing immutable blobs of data, so it should
be possible technically to achieve synchronized state among all MUAs.
We can also get confidentiality and integrity for this data with a
secret shared in all MUAs, like the user's pgp key.
But I think there's a catch: We can never reliably *delete* data from
the server. This essentially breaks the properties we gain from key
erasure ("forward secrecy") in the first place. That's a huge problem,
and I'm not sure there is a way to work around it. At least not if we
want to be able to read mails from a session established by one MUA in
another.
- V
signature.asc
Description: Digital signature
_______________________________________________ Messaging mailing list Messaging@moderncrypto.org https://moderncrypto.org/mailman/listinfo/messaging
