[liberationtech] [cryptography] [Cryptography] Email is unsecurable
carlo von lynX
lynX at time.to.get.psyced.org
Tue Nov 26 05:45:32 PST 2013
On Mon, Nov 25, 2013 at 11:38:59PM +0100, Fabio Pietrosanti (naif) wrote:
> SMTP is a transport protocol, with some basic signaling capability.
>
> I don't see a single concrete, practical reason why it should
> "substituted" and not just improved here and there.
Oh no, not again. Does this have to come up every n mails?
naif, ti prego...
It's a transport protocol that expects to have cleartext
senders and recipients, that expects to connect to a DNS
hostname and to, optionally, take a X.509 certificate in
consideration for a bit of link-level encryption.
In the list of 14 reasons on http://secushare.org/PGP it
is responsible for:
- 1. Downgrade Attack: The risk of using it wrong.
- 3. Transaction Data: Mallory knows who you are talking to.
- 6. Federation: Get off the inter-server super-highway.
and in the heads of people also for:
- 14. The Bootstrap Fallacy: But my friends already have e-mail!
Additionally, since with SMTP the construction of realtime
circuits between senders and receivers is at least cumbersome,
technologies that would have an advantage out of that are
unnecesserily impeded. See my last email on how a direct link
should be considered also for mail-like applications.. to
avoid power concentrations in servers, to allow for IM and
easy negotiation of shared secrets and forward secrecy. To
allow an easy and organic functionality extention in the field
of file exchange (which e-mail currently provides, but pretty
badly) and telephony (which is considered sooo different).
Why does that zombie called "Simple Mail Transfer Protocol" have
to be kept alive long after "Simple" is actually sufficient?
More information about the liberationtech
mailing list