[cryptography] The next generation secure email solution

Natanael natanael.l at gmail.com
Mon Dec 16 03:47:44 EST 2013


Bote mail and I2P messenger are two pieces of serverless software that
ALREADY are public key addressed within I2P. Have you tried them? You need
to add the public keys of the recipients to be able to send a message to
start with, although the DHT based search system Seedless allows you to
publish Bote mail addresses to the network.

(IMAP support for Bote mail is planned but not yet implemented; right now
it has a local web interface.)

Maybe Namecoin could work together with them to enable you to register your
key addresses to your nickname in a secure manner, but then you still have
to have a globally unique nickname and tell people the exact spelling.

- Sent from my phone
On 16 Dec 2013 00:20, "grarpamp" <grarpamp at gmail.com> wrote:

> Moving the last couple days talk to this thread seems fine.
>
> On Sun, Dec 15, 2013 at 3:19 PM, Ralf Senderek <crypto at senderek.ie> wrote:
> > On Sun, 15 Dec 2013 grarpamp wrote:
> >
> >> The only way to have any real global seamless success is to go
> >> ground up with a completely new model. IMO, that will be some
> >> form of p2p message system where every address is a crypto key,
> >> masked for grandma by her contact list, decrypted out your p2p
> >> daemon and piped into your local mail processing (MUA/filter/lists)
> >> and filesystem (encryption). At least that way your local mail tools
> >> will still work (no one will give those up anyway).
> >
> >
> > If you are so sure, can you tell us how the next generation secure email
> > solution will solve the "trust problem", please.
>
> Though unclear, that sounds like the old trust of a CA/PKI system problem.
>
> > How does the p2p daemon
> > find the correct crypto key, so that every user can rely on its invisible
> > performance?
>
> In general I suggest that people wish to use messaging with each other
> once they already know them (or have some other trusted web to them).
> As in, Hey John, nice to meet ya today, what's your key (address), I'll
> message you later. Or Hey Jane, what's John's address. Same for
> employers, businesses, etc. Such peer groups bootstrap and grow
> very fast. Thus the perceived need for a cold lookup of Ralf, isn't much of
> a real one.
> Once you know the address (node crypto key), you put it 'To: <key>',
> mua hands to spool, p2p daemon reads spool, looks up key in DHT and
> sends msg off across the transport to the far key (node) when it is
> reachable. Hopefully the transport looks like I2P/Tor in being a secure
> random hop layer. In fact, those could probably be used today, they
> have the keys as nodes and user facing ports for inbound/outbound
> daemons. They just need scaling work to n-billion nodes (users,
> aka: the hard part). People are already plugging postfix, bittorrent,
> etc into these networks.
>
> Tor is not currently addressable at the user level by the full key,
> it 'shortens' the key into a 16char onion address. As you may be
> hinting at... yes, that is bad... collisions, and needing secondary lookup
> layers into the full key. Tor may be moving to full key addressability
> soon, see tor-dev for that.
>
> I2P (and Phantom, and probably GNUnet) are addressable with full keys.
> So you can send to 'account at key' with them if you want, and keep the
> John/Jane/Ralf human style lookups in your MUA addressbook (once
> you know them) without needing a secondary lookup layer into the full key.
>
> No, I am not sure. But when looking at some of the p2p transport
> layers that have come along so far, it seems like a fairly strong
> possibility for a new backend transport model while retaining user
> level mail tools... mutt, maildrop, mailman, Thunderbird, etc. Most
> of what you'd need there is support for very long addresses and
> split horizon handoff to local daemon/spool based on recognizing
> what the destination net is... .onion, .i2p, etc.
> I'd like to read what Pond and I2P-Bote are doing with some parts of
> this as well.
>
> I don't believe you need a trusted CA/PKI service to successfully
> bootstrap users and their addresses/keys into a new global messaging
> system. If I want to know what some unknown like Bruce's key is, I'll
> look it up on his website, social net, list posts, etc. If that's what you
> mean.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>
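
Added example, not part of the thread and not code from Tor, I2P or I2P-Bote: it contrasts the 16-character shortened address discussed above (the first 80 bits of SHA-1 over the key encoding, base32) with an address that carries the whole key, and shows the suffix-based split-horizon handoff. The ".key" suffix, the spool names and the sample key bytes are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac

def short_address(pubkey: bytes) -> str:
    """Shortened form: base32 of the first 80 bits of SHA-1(key) -> 16 chars."""
    digest = hashlib.sha1(pubkey).digest()[:10]
    return base64.b32encode(digest).decode("ascii").lower() + ".onion"

def verify_lookup(address: str, candidate_key: bytes) -> bool:
    """A shortened address needs a secondary lookup for the full key; the
    result must be re-hashed and compared, and the binding is only 80 bits."""
    return hmac.compare_digest(address, short_address(candidate_key))

def full_key_address(pubkey: bytes) -> str:
    """Full-key form: the address IS the key (hypothetical '.key' encoding)."""
    return base64.b32encode(pubkey).decode("ascii").rstrip("=").lower() + ".key"

def key_from_full_address(address: str) -> bytes:
    """No lookup layer: decode the key straight out of the address."""
    label = address.rsplit(".", 1)[0].upper()
    return base64.b32decode(label + "=" * (-len(label) % 8))

# Hypothetical spool names for the split-horizon handoff by destination net.
SPOOLS = {"onion": "tor", "i2p": "i2p"}

def select_spool(rcpt: str) -> str:
    """Pick the local daemon/spool from the recipient's domain suffix."""
    domain = rcpt.rsplit("@", 1)[-1]
    return SPOOLS.get(domain.rsplit(".", 1)[-1].lower(), "smtp")

if __name__ == "__main__":
    key = bytes(range(32))        # constructed stand-in, not a real public key
    other = bytes(range(1, 33))   # a different constructed key
    addr = short_address(key)
    print(addr, verify_lookup(addr, key), verify_lookup(addr, other))
    print(full_key_address(key), key_from_full_address(full_key_address(key)) == key)
    print(select_spool("john@" + addr), select_spool("ralf@example.org"))
```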