One obvious solution for end-to-end email encryption is to use ID-based cryptography: a new record type would be defined in the DNS containing the system key for an ID-based system, and the username (everything before the '@') would be the identity used. This would not obscure addresses or the fact of communication right now, but would prevent interception at intermediate nodes. It would be webmail compatible.
Are there any issues beyond the merely cryptographic that I need to consider here? Can this be shoehorned into S/MIME, or do we need to do something new? In the next few days I will try to make a draft/implementation for this.

Sincerely,
Watson Ladd
_______________________________________________
perpass mailing list
https://www.ietf.org/mailman/listinfo/perpass
