Lan Barnes wrote:
I've often wondered if an email list could be set up that automatically
used GPG at both ends. The server could have its own public key, and could
then decrypt and reencrypt using the public key of every subscriber. Of
course, it would be easy for intelligence gatherers to penetrate by
signing up ("Yes, comrade, I too get off by exchanging secret salad
dressing recipes"). So the content wouldn't be secret for long, especially
if new members were being admitted.
And then some idiot on the list would archive every single email
message--in plaintext.
This problem is not new. The issue is that people stick their nose into
other peoples' business and jump to presumption of guilt. This is why
our system attempts to enshrine some level of privacy and presumption of
innocence.
This was a problem even in the 1600's:
"Qu'on me donne six lignes Ă©crites de la main du plus honnĂȘte homme, j'y
trouverai de quoi le faire pendre"
- Cardinal Richelieu (Armand Jean du Plessis)
Translation: "If one would give me six lines written by the hand of the
most honest man, I would find something in them to have him hanged."
The solution is easy, if unpalatable. Email only gets accessed through
a web interface, cannot be saved or printed, has non external pop or
imap access, and is only held on the corporate server.
Of course, this is so annoying that everybody will start conducting
business on their yahoo/hotmail/gmail accounts. And then you have the
problem again.
The problem is social: we need to quit assuming guilt. Good luck with that.
-a
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
