On 06/03/2014 08:49 PM, Andy Bradford wrote: > The best way to ensure end-to-end security in email is still PGP. > Anything else is just security theatre.
True. Also e-mail envelope will always be vulnerable to metadata snooping with SMTP, whether it's MITM, or on a compromised endpoint. PGP can make private the message itself, but the evelope remains unencrypted. Perhaps we need a e-mail system based on something more akin to XMPP. The entire transport can be encrypted, and federation forms the routes between people. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
