Re: [liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?

2013-11-09 Thread Fabio Pietrosanti (naif)
Il 11/9/13 11:29 PM, Tony Arcieri ha scritto: > > Please, think to use that pile of standards and think to approach > email > security by improving those one. > > > It would be irresponsible not to. There is a fine line to be walked > between improving the user experience and building u

Re: [liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?

2013-11-09 Thread Tony Arcieri
On Sat, Nov 9, 2013 at 12:37 AM, Fabio Pietrosanti (naif) < li...@infosecurity.ch> wrote: > We have a big pile of existing very good and very strong IETF RFC > standards for email. > > We need to improve the way those are used. > > We have OpenPGP. > We have MIME. > We have S/MIME. > We have TLS.

Re: [liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?

2013-11-09 Thread d.nix
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Why should I continue to trust the very standards and systems that were subverted, corrupted, or just plain sold me out for a profit? Standards and organizations that enshrined & codified confusing, weakened, and watered down systems and made privacy

Re: [liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?

2013-11-09 Thread Edwin Chu
Why is it better to limit our innovation to the existing standards when creating the nonexistent secure messaging system? Sometimes we could improve security of a system by adding layers to it, like HTTPS and ZRTP; sometimes hacking on a legacy protocol isn't good enough and we create new things. A

Re: [liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?

2013-11-09 Thread M. Fioretti
On Sat, Nov 09, 2013 09:37:27 AM +0100, Fabio Pietrosanti (naif) wrote: > All initiatiatives are trying to setup some new technological > infrastructure, some new communication or encryption protocol. > > We MUST USE THE INTERNET STANDARDS, with modifications here and there, > improving them, in

[liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?

2013-11-09 Thread Fabio Pietrosanti (naif)
Hi, everytime there is a debate and discussion on email security i always stand-up when i hear that most of the proposed approach are to "reinvent the wheel". All initiatiatives are trying to setup some new technological infrastructure, some new communication or encryption protocol. We MUST USE