On Mon, Feb 9, 2015 at 5:13 PM, elijah <[email protected]> wrote: > > (4) Metadata, mega woes. There are many approaches, but Pond's is > probably the best. The cool thing is that direct delivery to recipient > provider can be an opportunist option when the recipient supports it. > LEAP is one of the parties that will soon start on the PANORAMIX project > from George Danezis to develop and deploy a new mix network > infrastructure. We plan to use this for user -> server direct delivery > of email (in addition to server-to-server).
This seems important, let me try to unpack it: By Pond's approach, I think you mean recipients hand out one-time delivery tokens to their senders, so their mailbox can accept messages or blacklist senders without learning the sender? I like that too, hopefully it could serve as an antispam mechanism that doesn't need plaintext scanning or sender reputations. So it would allow encrypted messages to flow in an email-like environment, and also enable direct delivery between (potentially anonymized) senders and the recipient's mailbox. So delivery over Tor becomes possible (or something better - perhaps higher-latency - than Tor. PANORAMIX sounds cool, hope to learn more). The hard part is provisioning initial tokens. I'm not enamoured of Pond's "PANDA" - some people like it, but I think having to agree on a shared secret with your correspondent = yuck. So it would be nice to have other options. I think one option you're suggesting is an "in-band" exchange of tokens (similar to bootstrapping encryption off an in-band exchange of public keys). This wouldn't hide the fact that people communicated once, but after an initial email exchange, further communications would be opportunistically encrypted and sent over the anonymity network. Anyways, that's a great bundle of ideas - it seems promising to try to apply delivery-tokens more broadly, and to find other ways of initially provisioning them. Trevor _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
