An open standard. Ideally, there would be an RFC that all legitimate
email providers and email clients would adhere to and not be owned by any single company.
It'll never work.
On Sun, 24 Oct 2021 18:00:02 +0000, bje wrote:
It'll never work.
There's no technical reason that it couldn't work, right? The user base
would be tiny until it found its niche but that's OK. The difficulty
would be getting people (probably techie, security/privacy minded people)
to try it out the first time.
You mean like https://protonmail.com ?
For example, here's an encrypted email that I just sent to myself with
gnupg using Protonmail:
https://susepaste.org/view/raw/42629518
You can see that there is quite a bit of information there that is not encrypted and this information is quite valuable to a lot of people.
The email system that I am proposing would be _incompatible_ with
existing email because the existing email framework requires these
headers to be unencrypted. This means that the userbase would be
minuscule compared to the legacy email system. This is OK. It is meant for a specific use case: to provide always fully encrypted email for users who value their privacy. I believe that the community who would want this is globally quite large. They would only be able to talk to each other, but that's OK in the beginning.
On Sun, 24 Oct 2021 19:46:40 +0000, bje wrote:
You mean like https://protonmail.com ?
No, not really. Protonmail uses the standard email format which means unencrypted header metadata. Also, Protonmail uses a proprietary system
for how it handles email internally which includes the fact that they
also host your private key for you.
I'm proposing a new standard which minimizes the amount of unencrypted metadata to only being the recipient. One of the major issues that the privacy/security community has with email as it is now is that there is
too much information that is unencrypted even with proper gnupg.
First of all, I do not consider any form of instant messaging a
replacement for email. Email is long-form communication. Instant
messaging is not.
Right now email is like this but instant messaging is not
an open standard. I can't write my own client for Signal, WhatsApp, etc. because they are proprietary, nor can I run my own server.
Unencrypted metadata from email would be limited to only the email
address of the recipient.
All other data must be a part of the encrypted
message. Individual servers may log incoming and outgoing times for
messages but that data will not be visible metadata.
Encryption is never optional.
They can then only receive emails from people
that they have shared their key with.
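
The difference the thread is arguing about, as an added example that is not part of any post: with body-only encryption over standard email the headers stay readable to every relaying server, while the proposed format would leave only the recipient outside the encrypted part. The draft message, the function names and the envelope layout are assumptions made for illustration; the thread does not define a wire format, and the encryption step itself (for example gnupg) is left out.

```python
from email import message_from_string

# Constructed draft (not taken from the thread's paste); all values are made up.
DRAFT = (
    "From: Alice <alice@example.org>\n"
    "To: bob@example.net\n"
    "Subject: Meeting notes\n"
    "Date: Sun, 24 Oct 2021 18:00:02 +0000\n"
    "Message-ID: <constructed-1@example.org>\n"
    "User-Agent: ExampleMail 1.0\n"
    "\n"
    "See you at the usual place.\n"
)

def legacy_split(draft):
    """Body-only encryption over standard email: every header stays readable."""
    msg = message_from_string(draft)
    cleartext = {name: value for name, value in msg.items()}
    to_encrypt = msg.get_payload()          # only the body reaches the cipher
    return cleartext, to_encrypt

def proposed_split(draft):
    """Hypothetical envelope for the proposal: recipient outside, the rest inside."""
    msg = message_from_string(draft)
    cleartext = {"To": msg["To"]}
    # All other headers travel inside the part that will be encrypted.
    inner_headers = "".join(
        f"{name}: {value}\n" for name, value in msg.items() if name.lower() != "to"
    )
    to_encrypt = inner_headers + "\n" + msg.get_payload()
    return cleartext, to_encrypt

def leaked(draft, split):
    """Header names a relaying server can read beyond the recipient address."""
    cleartext, _ = split(draft)
    return sorted(name for name in cleartext if name.lower() != "to")

if __name__ == "__main__":
    for split in (legacy_split, proposed_split):
        print(split.__name__, "leaks:", leaked(DRAFT, split))
```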