[cryptography] [Cfrg] Email encryption for the wider public

Henry Augustus Chamberlain henryaugustuschamberlain at gmail.com
Wed Sep 17 16:22:49 EDT 2014


On 17/09/2014, Michael Hamburg <mike at shiftleft.org> wrote:
> What about revocation?

Revocation is interesting, because it's basically a message which is
signed but not encrypted: the sender is a specific person, but the
"recipient" is the whole world.

I guess it would be similar to the current system: you prepare that
message in advance and sign it. If you lose access to your old
address, you get yourself a new one and send out the pre-prepared
message saying that you've lost access to your old address.

Essentially, keys and addresses serve a similar function: both are
"online identities". Keys are used by the cryptographic systems to
identify you, while addresses are used by the email server (and
routing system) to identify you. I think it makes sense to combine the
two.


More information about the cryptography mailing list