Hi, everytime there is a debate and discussion on email security i always stand-up when i hear that most of the proposed approach are to "reinvent the wheel".
All initiatiatives are trying to setup some new technological infrastructure, some new communication or encryption protocol. We MUST USE THE INTERNET STANDARDS, with modifications here and there, improving them, in order to reach our goal in securing asyncronous communications methods commonly referred as "Email". While i appreciate all of those cryptographer trying to do something new, i must say that THIS IS THE WRONG WAY! We have a big pile of existing very good and very strong IETF RFC standards for email. We need to improve the way those are used. We have OpenPGP. We have MIME. We have S/MIME. We have TLS. We have ZRTP. We have SMTP/TLS. Please, think to use that pile of standards and think to approach email security by improving those one. I'm confident that it can be done, but all of the "crypto activist" community must works in that direction. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org p.s. It's morning, i slept a few and i need some coffee -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
