Dan Kaminsky (http://dankaminsky.com) has been working on "Domain Key Infrastructure" bootstrapped of of dnssec that looks pretty interesting. I'm not sure where the video is for this talk (it was at blackhat/defcon 2010), but I found the slides.. http://www.slideshare.net/dakami/phreebird-suite-10-introducing-the-domain-key-infrastructure
On Tue, Dec 14, 2010 at 14:06, Tomas Vavrys <vav...@cleancode.cz> wrote: > Is there a light at the end of the tunnel somewhere to make email > secure even for amateurs who don't know how to use PGP? I'm very > curious about the future of email, especially now. I would like to > hear opinions of OpenBSD wizards. The thing is that it is very hard to > persuade someone to use PGP all the time. > > 2010/12/13 Joel Wiramu Pauling <j...@aenertia.net>: >> On 13 December 2010 22:23, Joachim Schipper <joac...@joachimschipper.nl> >> wrote: >>> On Sun, Dec 12, 2010 at 09:11:16PM -0700, Travis King wrote: >>>> Joel Wiramu Pauling <j...@aenertia.net> wrote: >>>> > Marti Martinez <ma...@ece.arizona.edu> wrote: >>>> > > Ted Unangst <ted.unan...@gmail.com> wrote: >>>> > >> At some point you're going to realize that the javascript that >>>> > >> decrypts your mail has to come from someplace. >>>> > > >>>> > > A better alternative would be a PGP browser addon (...) >>>> > >>>> > [See] firegpg >>>> >>>> firegpg is the only way I can get friends and family to communicate >>>> with me securely. I don't even know what the interface looks like, but >>>> it does work (apparently). >>> >>> It's unmaintained. I would also be surprised if the server can't get at >>> your plaintext (e.g. with Javascript, or even Java/Flash). >>> >>> You may want to look at >>> http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/ and >>> the comments (in particular, my >>> >> > http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/#comment-623 >> 9). >>> >>> Summary: it doesn't work, and can't work unless you add a plugin with >>> *many* restrictions. >>> >>> B B B B B B B B B B B B B B B Joachim >>> >>> -- >>> PotD: devel/ivy - dependency manager for Java >>> http://www.joachimschipper.nl/ >>> >> >> Firegpg was basically just chrome extensions to local(read client) >> side gpg binaries. It wasn't insecure for the reasons you cite, the >> author just got sick of having to update it to work with gmail (it's >> initial target). It is still useful for easy access to gpg functions >> within firefox.
