[liberationtech] Asyncronous secure messaging (Email): Why reinvent the wheel?
Tony Arcieri
bascule at gmail.com
Sat Nov 9 14:29:04 PST 2013
On Sat, Nov 9, 2013 at 12:37 AM, Fabio Pietrosanti (naif) <
lists at infosecurity.ch> wrote:
> We have a big pile of existing very good and very strong IETF RFC
> standards for email.
>
> We need to improve the way those are used.
>
> We have OpenPGP.
> We have MIME.
> We have S/MIME.
> We have TLS.
> We have ZRTP.
> We have SMTP/TLS.
>
Well, we have a big pile of standards, and yet Johnny Can't Encrypt™:
http://www.gaudior.net/alma/johnny.pdf
Please, think to use that pile of standards and think to approach email
> security by improving those one.
It would be irresponsible not to. There is a fine line to be walked between
improving the user experience and building upon existing work. So far most
attempts I've seen at improving the situation have sacrificed security for
convenience. I don't think this needs to be the case. Perhaps some day I'll
release some software which provides both. Working on it ;)
--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20131109/068a7cc9/attachment.html>
More information about the liberationtech
mailing list