In 2014 @matthew_d_green wrote "What's the matter with PGP?" https://blog.cryptographyengineering.com/2014/08/13/whats-matter-with-pgp/
We'd like to humbly report completion of its main suggestions. Better late than never! :)
- Key management is automatic through #securejoin and #autocrypt protos
- #chatmail relays form an end-to-end encrypted email enclave interoperable with any e-mail address using proper end-to-end encryption.
- RFC 9580 "cryptorefresh" is rolled out in current releases and will be activated soon.
One to go? ;)![screenshot of a part of the blog post from Matthew Greene:
So what should we be doing?
Quite a lot actually. The path to a proper encrypted email system isn’t that far off. At minimum, any real solution needs:
[a green verified checkmark on the following paragraph]
« A proper approach to key management. This could be anything from centralized key management as in Apple’s iMessage — which would still be better than nothing — to a decentralized (but still usable) approach like the
o one offered by Signal or OTR. Whatever the solution, in order to achieve mass deployment, keys need to be made much more manageable or else submerged from the user altogether.
« Forward secrecy baked into the protocol. This should be a pre-condition to any secure messaging system.
« Cryptography that post-dates the Fresh Prince. Enough said.
[a green verified checkmark on the following paragraph]
o « Screw backwards compatibility. Securing both encrypted and unencrypted email is too hard. We need dedicated networks that handle this from the start.](https://friendica-leipzig.de/photo/preview/600/892997 "screenshot of a part of the blog post from Matthew Greene:
So what should we be doing?
Quite a lot actually. The path to a proper encrypted email system isn’t that far off. At minimum, any real solution needs:
[a green verified checkmark on the following paragraph]
« A proper approach to key management. This could be anything from centralized key management as in Apple’s iMessage — which would still be better than nothing — to a decentralized (but still usable) approach like the
o one offered by Signal or OTR. Whatever the solution, in order to achieve mass deployment, keys need to be made much more manageable or else submerged from the user altogether.
« Forward secrecy baked into the protocol. This should be a pre-condition to any secure messaging system.
« Cryptography that post-dates the Fresh Prince. Enough said.
[a green verified checkmark on the following paragraph]
o « Screw backwards compatibility. Securing both encrypted and unencrypted email is too hard. We need dedicated networks that handle this from the start.")
We'd like to humbly report completion of its main suggestions. Better late than never! :)
- Key management is automatic through #securejoin and #autocrypt protos
- #chatmail relays form an end-to-end encrypted email enclave interoperable with any e-mail address using proper end-to-end encryption.
- RFC 9580 "cryptorefresh" is rolled out in current releases and will be activated soon.
One to go? ;)
![screenshot of a part of the blog post from Matthew Greene:
So what should we be doing?
Quite a lot actually. The path to a proper encrypted email system isn’t that far off. At minimum, any real solution needs:
[a green verified checkmark on the following paragraph]
« A proper approach to key management. This could be anything from centralized key management as in Apple’s iMessage — which would still be better than nothing — to a decentralized (but still usable) approach like the
o one offered by Signal or OTR. Whatever the solution, in order to achieve mass deployment, keys need to be made much more manageable or else submerged from the user altogether.
« Forward secrecy baked into the protocol. This should be a pre-condition to any secure messaging system.
« Cryptography that post-dates the Fresh Prince. Enough said.
[a green verified checkmark on the following paragraph]
o « Screw backwards compatibility. Securing both encrypted and unencrypted email is too hard. We need dedicated networks that handle this from the start.](https://assets.chaos.social/media_attachments/files/114/307/254/860/811/510/original/2fea951f4754e8ea.png "screenshot of a part of the blog post from Matthew Greene:
So what should we be doing?
Quite a lot actually. The path to a proper encrypted email system isn’t that far off. At minimum, any real solution needs:
[a green verified checkmark on the following paragraph]
« A proper approach to key management. This could be anything from centralized key management as in Apple’s iMessage — which would still be better than nothing — to a decentralized (but still usable) approach like the
o one offered by Signal or OTR. Whatever the solution, in order to achieve mass deployment, keys need to be made much more manageable or else submerged from the user altogether.
« Forward secrecy baked into the protocol. This should be a pre-condition to any secure messaging system.
« Cryptography that post-dates the Fresh Prince. Enough said.
[a green verified checkmark on the following paragraph]
o « Screw backwards compatibility. Securing both encrypted and unencrypted email is too hard. We need dedicated networks that handle this from the start.")
What’s the matter with PGP?
Last Thursday, Yahoo announced their plans to support end-to-end encryption using a fork of Google’s end-to-end email extension. This is a Big Deal. With providers like Google and Yahoo onboa…A Few Thoughts on Cryptographic Engineering
Dieser Beitrag wurde bearbeitet. (1 Woche her)
