[Freedombox-discuss] Email Encryption Basics

Nick M. Daly nick.m.daly at gmail.com
Fri Nov 16 13:04:44 UTC 2012


Michael Rogers <michael at briarproject.org> writes:

> On 16/11/12 07:35, Eugen Leitl wrote:
>> Most attempted delivery from dynamic user space will bounce, and
>> requiring smarthosts clashes both with the zero administration
>> requirement and adds an additional point of attack.
>
> I think this is way too pessimistic. Yes, it's unrealistic to run an
> incoming or outgoing mail server on a dynamic home IP address, but a
> PageKite-style proxy would work.

For no reason I can explain, my box can send outgoing mail without issue
(I haven't purchased or defined an MX record or smarthost, IIRC).  It
can't receive anything at all, but mail goes out without problem, which
allows service signups and the like.  I'll try to figure out why I can
send mail one of these days.

> Alternatively, the FBX could act as a PGP proxy for an existing email
> account: the FBX would encrypt email before sending it to the existing
> account's SMTP server and decrypt it after collecting and deleting it
> from the existing account's POP/IMAP server. No email would be stored
> long-term on the provider's servers, which is a legally important
> distinction in the US. The FBX would use Tor to store and retrieve PGP
> public keys on multiple independently operated keyservers, making it
> difficult for any keyserver to replace a user's key with a MITM key
> without detection.

Very interesting!  As long as we tie ourselves to someone else's
infrastructure, re-serving as a client becomes easy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20121116/ba422f6c/attachment.pgp>


More information about the Freedombox-discuss mailing list