Confidant Mail is another next-gen mail architecture worth a look. You
can access
servers directly, via exit node, via hidden service, or via I2P. You can
have your mail
hosted on your own server, on someone else's server, or in the
Distributed Hash Table.
In the "server" case there is no limit
Confidant Mail 0.20 is available at http://www.confidantmail.org
No major functional changes, but there are ready to run binaries for
TAILS Live CD 1.2.3 and MacOS 10.9
Confidant Mail is an encrypted, and optionally Tor-anonymized, email
system supporting large file transfers.
Mike Ingle
d2b
On 2015-02-03 21:28, Andrew Roffey wrote:
Except for the few big names, most domain providers do not provide
inexpensive certificates so the point is not invalid (yet). I don't
think changing domain providers to bundle the cost is a reasonable
solution to the high costs of certificates.
HTTPS c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 02/03/2015 06:25 PM, Seth David Schoen wrote:
> The Tor Project itself has found that users often don't verify GPG
> signatures on binaries (I think Mike Perry quoted some statistics
> about
This might provide some insight:
http://arstechnica
On Tue, 03 Feb 2015 21:28:42 -0800, Andrew Roffey
wrote:
I don't suppose one could purchase a dummy domain with Namecheap and
then ask them to sign a certificate for the real domain (with another
provider)? I suspect not, but please correct me if I'm wrong.
That's a damn fine questionp. My gu
Just for the story about startssl, unlike Confidant Mail which should
use https, I think, despite of the fact that they don't trust it, like
all of us, it's still better than nothing, I have explained several time
here why we could not use https to retrieve the Peersm code.
There was an artifi
On 04/02/15 13:19, Paul Syverson wrote:
> On Wed, Feb 04, 2015 at 06:58:28AM +0100, CJ wrote:
>>
>>
>> On 02/04/2015 06:19 AM, Seth wrote:
>>> On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
>>> wrote:
- there is a cost of obtaining HTTPS signatures.
>>>
>>> Not certain if the deal is st
On Wed, Feb 04, 2015 at 06:58:28AM +0100, CJ wrote:
>
>
> On 02/04/2015 06:19 AM, Seth wrote:
> > On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
> > wrote:
> >> - there is a cost of obtaining HTTPS signatures.
> >
> > Not certain if the deal is still being offered, but for quite a while
> >
SSL: I get it, a lot of people think I should have SSL support on the
website. I will look into it.
Until then (and even after) check the sigs. Nuff said.
>Back to Confidant Mail: interesting project, kind of reminds me of
>BitMessage, though it seems to be more usable (by far).
I looked at tho
On 02/04/2015 06:19 AM, Seth wrote:
> On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
> wrote:
>> - there is a cost of obtaining HTTPS signatures.
>
> Not certain if the deal is still being offered, but for quite a while
> you could get a free TLS/SSL certificate good for one year when
> reg
Seth:
> On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
> wrote:
>> - there is a cost of obtaining HTTPS signatures.
>
> Not certain if the deal is still being offered, but for quite a while
> you could get a free TLS/SSL certificate good for one year when
> registering or transferring a domain
On Tue, 03 Feb 2015 20:01:36 -0800, Andrew Roffey
wrote:
- there is a cost of obtaining HTTPS signatures.
Not certain if the deal is still being offered, but for quite a while you
could get a free TLS/SSL certificate good for one year when registering or
transferring a domain to namechea
> - there is a cost of obtaining HTTPS signatures.
Oops, I meant HTTPS certificates, not signatures.
Andrew
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>> Then GnuPG signatures would perhaps be more appropriate in this
>> instance?
>
> The Tor Project itself has found that users often don't verify GPG
> signatures on binaries (I think Mike Perry quoted some statistics
> about how often the Tor Browser binary had been downloaded in
> compariso
That is an interesting point. Thinking this through in the game theory
sense:
Spooks' choice:
1: never mess with Tor downloads
2: mess with Tor downloads in rare cases of high value targets (where a
selector like IP or cookie matches)
3: frequently mess with Tor downloads
Effect of 1: they get
Mike Ingle writes:
> As far as HTTPS:
> The NSA has the ability to get into Amazon EC2 and mess with files
> too, no doubt. And they have a variety of compromised HTTPS CA certs
> they could use to MITM. If they wanted to do that they could, HTTPS
> or no. If they did it on a large scale, they w
Non-www A record is added, and should show up soon.
As far as HTTPS:
The NSA has the ability to get into Amazon EC2 and mess with files too,
no doubt.
And they have a variety of compromised HTTPS CA certs they could use to
MITM.
If they wanted to do that they could, HTTPS or no. If they did it
Andrew Roffey writes:
> michael ball:
> > On *Tue Feb 3, Mike Ingle wrote:*
> >> I don't have HTTPS because there is nothing secret on the site, and
> >> because I don't place much trust in it
> >
> > i may be mistaken that it is kinda stupid not to use HTTPS on a
> > website with downloads, as
michael ball:
> On *Tue Feb 3, Mike Ingle wrote:*
>> I don't have HTTPS because there is nothing secret on the site, and
>> because I don't place much trust in it
>
> i may be mistaken that it is kinda stupid not to use HTTPS on a
> website with downloads, as documents released by Ed Snowden show
On *Tue Feb 3, Mike Ingle wrote:*
>I don't have HTTPS because there is nothing secret on the site, and
>because I don't place much trust in it
i may be mistaken that it is kinda stupid not to use HTTPS on a
website with downloads, as documents released by Ed Snowden show that
the NSA has the capab
On 2/3/2015 3:56 PM, Zenaan Harkness wrote:
On 2/4/15, Mike Ingle wrote:
On 2/3/2015 10:31 AM, Kevin wrote:
On 2/3/2015 12:33 PM, krishna e bera wrote:
On 15-02-02 09:57 PM, Mike Ingle wrote:
http://www.confidantmail.org
Mike Ingle
d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2
I am curious why
On 2/4/15, Mike Ingle wrote:
> On 2/3/2015 10:31 AM, Kevin wrote:
>> On 2/3/2015 12:33 PM, krishna e bera wrote:
>>> On 15-02-02 09:57 PM, Mike Ingle wrote:
http://www.confidantmail.org
Mike Ingle
d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2
>>> I am curious why someone delivering secu
On 2/3/2015 10:31 AM, Kevin wrote:
On 2/3/2015 12:33 PM, krishna e bera wrote:
On 15-02-02 09:57 PM, Mike Ingle wrote:
http://www.confidantmail.org
Mike Ingle
d2b89e6f95e72e26e0c917d02d1847dfecfcd0c2
I am curious why someone delivering security and privacy software does
not have HTTPS on thei
23 matches
Mail list logo
