At 03:07 AM 12/21/2002 -0800, Sarad AV wrote:
hi, Don't encrypt, post it by snail mail. I remember reading this in pgp's help document. It addresses why we glue over our envelope and seal it. It ofcourse is concealing (for the govt) and privacy (for the user). The govt. never asks letters not to be glued and sealed because of the vast majority of people using it.
When I was young, the US Postal Service charged less money for unsealed envelopes than for sealed envelopes. I think the year was about 1962 or 1963, and the price was 5 cents for sealed envelopes and 4 cents for unsealed and for post cards. Since this was elementary school and we were learning about community things like the Post Office and the Fire Department, they didn't really explain why; I think it was leftover regulations from wartime censorship during World War II or the Korean Police Action.
Also, in the US, the police can request a "mail cover" (which means recording who all your snail mail is from) with much less legal formality than a search warrant, and if they get a warrant to open all your incoming mail, I don't think they're required to notify you.
But at the slightest at the use of encryption will raise their brows. This issue can only be fully solved when the vast majority of people begin using encryption. Encrypted spam wouldn't be a bad idea either.
(Ideally they'd encrypt all of the spam :-) Actually, if you insisted on all your mail being encrypted, that would cut down significantly on spam, because the amount of individual work per message required to encrypt something is significantly higher than the work required to just email it, which can scale badly and can also increase the traceability of spam (by watching who downloads large numbers of keys from keyservers, for instance.) The extent to which obtaining keys is a traceable activity depends a lot on the type of public key infrastructure that's being used, and to some extent on the amount of accuracy that you need - spammers selling lists to each other probably wouldn't mind a 5-10% inaccuracy rate if it meant they didn't have to use keyservers, while people who want to preserve their privacy are much more likely to download mass quantities of keys from servers to avoid having it be obvious which ones they care about.
