-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Moritz Bartl:
> On 18.08.2013 19:51, Gordon Morehouse wrote:
This isn't gonna cut it. A Tormail replacement that's any
good, that's reliable, that's censorship-resistant, that's
hardened ... that will require professionals to set it u
On Sun, Aug 18, 2013 at 9:57 PM, Gordon Morehouse wrote:
> > PGP mails, and I'm thinking about enforcing TLS.
If you enforce TLS, you won't be able to send/receive email for many
domains.
Also REQUIRING PGP will prevent tor users from communicating w/ many people.
http://arstechnica.com/securi
On 19.08.2013 05:31, ITechGeek wrote:
>>> PGP mails, and I'm thinking about enforcing TLS.
> If you enforce TLS, you won't be able to send/receive email for many
> domains.
Yes.
I want to have a script that scans all incoming mail for the used cipher
and in the case of a weak, non-PFS cipher, or
On 8/19/13, 5:52 PM, Moritz Bartl wrote:
On 19.08.2013 05:31, ITechGeek wrote:
PGP mails, and I'm thinking about enforcing TLS.
If you enforce TLS, you won't be able to send/receive email for many
domains.
Yes.
I want to have a script that scans all incoming mail for the used cipher
and in t
On 19.08.2013 09:58, Peter Tonoli wrote:
> To what point will this be? I'd say the majority of SMTP w/ TLS servers
> are using self-signed certificates. It's arguable whether TLS with a
> self signed certificate is any better than just plaintext.
I don't see any point in arguing about that: It is,
Il 8/19/13 10:49 AM, Moritz Bartl ha scritto:
> On 19.08.2013 09:58, Peter Tonoli wrote:
>> To what point will this be? I'd say the majority of SMTP w/ TLS servers
>> are using self-signed certificates. It's arguable whether TLS with a
>> self signed certificate is any better than just plaintext.
>
> I'd say the majority of SMTP w/ TLS servers are
> using self-signed certificates.
Which you can then can pin-on-first-sight, just like SSH, and verify
as desired, which is better than automatically trusting any CA.
Mo's stance may not be all that interoperable at first, but
it's interesting pol
First off Edward Snowden did not need anonymity. He went public on this.
Second gateways compromise network security by granting outsiders internal
access. Encryption is another thing but would be pretty easy. I'm not
saying this is a bad project but you need to put protections in it.
On Aug 19, 20
Il 8/26/13 1:29 PM, Nathan Suchy ha scritto:
> First off Edward Snowden did not need anonymity. He went public on this.
> Second gateways compromise network security by granting outsiders internal
> access. Encryption is another thing but would be pretty easy. I'm not
> saying this is a bad project
Just don't manage or store PGP keys. That would destroy security!
On Aug 26, 2013 11:35 AM, "Fabio Pietrosanti (naif)"
wrote:
> Il 8/26/13 1:29 PM, Nathan Suchy ha scritto:
> > First off Edward Snowden did not need anonymity. He went public on this.
> > Second gateways compromise network security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 08/26/2013 07:29 AM, Nathan Suchy wrote:
> First off Edward Snowden did not need anonymity. He went public on
> this.
Is it known if he chose to go public, or if it was a condition of the
leak being published by the Guardian?
- --
The Doctor [412
On 27 Aug 2013, at 18:44, The Doctor wrote:
> Signed PGP part
> On 08/26/2013 07:29 AM, Nathan Suchy wrote:
> > First off Edward Snowden did not need anonymity. He went public on
> > this.
>
> Is it known if he chose to go public, or if it was a condition of the
> leak being published by the Gu
On 13-08-27 02:06 PM, Bernard Tyers - ei8fdb wrote:
>
> On 27 Aug 2013, at 18:44, The Doctor wrote:
>
>> Signed PGP part
>> On 08/26/2013 07:29 AM, Nathan Suchy wrote:
>>> First off Edward Snowden did not need anonymity. He went public on
>>> this.
>>
>> Is it known if he chose to go public, or
Yes. Edward Snowden did a good job and probably had smart tactics for
securing his Internet traffic before meeting with them. It being a
condition may have been the case but even then he is already public so what
we need to focus on is that. If he really needed security he should of used
TorMail as
On 18.08.2013 19:51, Gordon Morehouse wrote:
>>> This isn't gonna cut it. A Tormail replacement that's any good,
>>> that's reliable, that's censorship-resistant, that's hardened ...
>>> that will require professionals to set it up.
I don't want to imply that we are professionals, but we will so
On Sun, Aug 18, 2013 at 3:12 PM, Moritz Bartl wrote:
>
> The idea is that you can email @xyz.onion.to, and the mail gateway will
> forward the mail to @xyz.onion. The gateway will only accept PGP mails,
sounds better than average,
> and I'm thinking about enforcing TLS.
this only makes se
16 matches
Mail list logo