On 17/09/2014, Maarten Billemont <lhun...@lyndir.com> wrote: > > I'm not sure I understand what problem you've just solved. Senders still > need to generate a keypair and encrypt their mail, receivers still need to > decrypt their mail. All you've done is remove key lookup and replaced it > with a From: header. >
I haven't invented any new cryptography - functionally, it's similar to what already exists. But I think the reason that encryption still isn't widely used (after more than 2 decades!) is the usability. Even if encryption/decryption are automated, you still need to understand concepts like public keys and digital signatures in case something goes wrong. By combining the address and the public key, I think everything makes much more sense to the end user: when they send emails to some address, they know it can't be intercepted, and when they receive an email from some address, they know that it definitely came from there. The encryption/decryption can be handled automatically by something like Enigmail, but now the user can easily understand the problem if something goes wrong: errors will say things like "this email didn't really come from that address", rather than "this digital signature doesn't match the key". _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography