On 10/15/2013 08:46 PM, Mike Demmers wrote:
> On Tue, 15 Oct 2013 17:37:54 -0700 Leo Vegoda <[email protected]>
> wrote:
> 
>>> They get backed up when they back up their system.
>> 
>> You seem to have ignored the word "securely" in that sentence. And 
>> anyway, most people don't back up their systems at all.
> 
> Here is, I hope, a better answer to your question 'How are keys
> securely backed up', which I now understand better:
> 
> That is handled by the underlying program you are using to encrypt
> your mail, and so has nothing to do with this proposal directly - it's
> implementation dependent. Out of scope.

I agree that this problem is out of scope, but it is very important
nonetheless. Every time someone hits upon a bright idea to make
encrypted communication easier to use they run up against the problem of
improving key management. These schemes, however, only work if the user
has access everywhere to their list of trusted keys. Essentially, the
authenticity problem gets transformed into an availability problem, and
the availability problem is perhaps even harder.

Three different free software projects try to securely tackle the
availability problem and could form the basis for an agnostic protocol
for portable and secure data sync:

(1) Firefox Sync https://www.mozilla.org/en-US/mobile/sync/
(2) SpiderOak's Crypton https://crypton.io/
(3) LEAP's Soledad https://leap.se/en/soledad

All of these are overkill for the narrow problem of key management.
Instead, they try to tackle the general question of secure data
synchronization and backup. I think this is probably the proper approach.

Our hope with the next version of Soledad is to add federation, so that
two or more users on different providers could share a synchronized,
searchable, client encrypted database. This could be useful for all
kinds of things.

-elijah
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
