On Mar 21, 2014, at 8:10 AM, Robin Wilton <[email protected]> wrote:
>
> On 21 Mar 2014, at 13:00, Nicholas Weaver wrote:
>
>>
>> On Mar 21, 2014, at 4:40 AM, Robin Wilton <[email protected]> wrote:
>>
>>> To pick the obvious nit...
>>>
>>> Even if an email goes from my browser to Google's servers over https, and
>>> goes between Google's servers over https, I did not see a commitment to
>>> encryption of the email when it is at rest, rather than in motion...
>>
>> To reply with the obvious: It is IMPOSSIBLE to secure data at rest in the
>> context of a webmail system: server control can always enable accessing of
>> all documents when the user logs in to check their webmail.
>
> I'd dispute your use of the word "impossible". It might be tricky to design
> something easy to use, and it would raise the usual end-to-end encryption
> problems of key exchange and key management, but there's nothing inherent in
> webmail as a transfer mechanism that means it can't transfer encrypted
> content. For instance: last time I used the PGP tools, they offered the
> ability to encrypt whatever's in the clipboard. There's nothing to stop me
> pasting the result into a webmail and inviting my correspondent to reverse the
> process.
> Sending an encrypted file as an attachment to a webmail would also work.

That is NOT encrypting in webmail. That is using webmail to transport encrypted content.

Why you can NEVER do meaningful encryption to protect data at rest from the server in actual Webmail is that the "client" software is dynamically provided by the server you are trying to protect the data from!

This is the "hushmail" and "lavabit" problem. Neither service is actually able to protect the data at rest from a warrant, because the data can always be accessed when the user logs in. Hushmail chooses to snitch content to law enforcement, lavabit shut down.

You can only do "at-rest" protection on the mail server with a client program.

--
Nicholas Weaver                  it is a tale, told by an idiot,
[email protected]                full of sound and fury,
510-666-2903                     .signifying nothing
PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
