On 31/05/14 02:15, Sandy Harris wrote: > Darkmail aims at doing genuinely secure email. They say that requires > replacing SMTP because, even if the body is PGP_encrypted, the headers > leak too much private info. > > http://nakedsecurity.sophos.com/2013/11/01/lavabit-and-silent-circle-form-dark-mail-alliance-to-thwart-email-surveillance/ > > Last I heard, the Darkmail Alliance had only two members, the founding > companies Lavabit and Silent Circle. They say they will have a draft > this year for an open protocol which they'll encourage others to > implement. Since some of the authors of the Open PGP RFC, basis of Gnu > GPG, are among their team, this is plausible.
I've been following this closely. Ladar Levison (Lavabit) has begun work (with a new team) on this without the aid of Silent Circle so far (as they took a bit longer than anticipated releasing their code as part of this [0]) There is also some thoughts on what darkmail needs to be to ensure it's free and secure [1] which I tend to agree with. > I'd say it's obvious we should track this, add it to the Box when > there's a solid open source version. Should we do more? Implement it > ourselves? Ask the FB Foundation and/or Debian to become members of > the Alliance? Agreed. If darkmail delivers then I think we should support it as soon as we can. It would be excellent to see the FB Foundation become members, and Debian would be a coup and be a big profile raiser for both freedombox and darkmail. Anyone else have thoughts or opinions on this? -Kevin [0] <https://www.kickstarter.com/projects/ladar/lavabits-dark-mail-initiative/posts/756682> [1] <https://www.mailpile.is/blog/2013-10-31_DarkMail_and_Secure_Protocols.html> _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss