
Re: [tor-talk] Basics of secure email platform



On Sat, Aug 10, 2013 at 3:39 PM, Jerzy Łogiewa <jerzyma@xxxxxxxxxx> wrote:
> I like to start a conversation about secure email provider
> If I start new email provider now, how to guarantee security and privacy for user?
> Understanding limitation of email of course!

Within the existing email standards and limitations the world uses today...

Mail services cannot guarantee this, only the user can, and every service
that tries to take/manage responsibility for the user's cleartext body is
both lying and a failure waiting to happen. The user cannot trust any code
provided by the service or give any secret key material/access to the service.
They must encrypt on their own locally with OpenGPG, Enigmail, etc. and
then insert the output into the mail transport.

> Is there some "best practice" for secure email service?
> Do not host in U.S. is obvious but what more?

The only thing a mail provider can do is apply privacy-centered systems
best practice. Logs, crypted transport, access, location, policies, peering
with other mail services, etc. Because almost no one does this, there is
lots of room for new providers to get these basic things right. And the
demand for it just went up.

If you get that right, and if the user encrypts, then only the delivery metadata
remains as unfixable. Unless you hold a kill switch and burn the spool keys
when things get spooky.

> Lavabit method was it seems not enough.

We don't know enough about the case to say yet what it was or wasn't
'enough' to be up against.
We do know the system required the user to trust the service with key
material (passphrase), which yields failure every time.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
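
The workflow described in the reply above (encrypt locally, hand only the output to the mail transport), as an added example that is not part of the original post: a client-side wrapper that refuses to submit a non-armored body, packages the ciphertext as RFC 3156 PGP/MIME, and shows what the service can still read. The function names, addresses and the sample armored block are constructed for illustration; real ciphertext would come from the user's own local OpenPGP tool.

```python
from email import encoders, message_from_bytes
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart

ARMOR_BEGIN = "-----BEGIN PGP MESSAGE-----"
ARMOR_END = "-----END PGP MESSAGE-----"

# Constructed stand-in for the output of local encryption; not real ciphertext.
SAMPLE_ARMORED = (
    ARMOR_BEGIN + "\n\n(constructed placeholder, not real ciphertext)\n" + ARMOR_END + "\n"
)


def wrap_pgp_mime(armored, sender, recipient, subject="(encrypted)"):
    """Wrap locally produced ciphertext as RFC 3156 multipart/encrypted bytes."""
    text = armored.strip()
    # Guard: never hand anything that is not an armored PGP message to the transport.
    if not (text.startswith(ARMOR_BEGIN) and text.endswith(ARMOR_END)):
        raise ValueError("body is not an armored PGP message; refusing to send")
    msg = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    # These headers stay readable by every server on the path.
    msg["From"], msg["To"], msg["Subject"] = sender, recipient, subject
    # Part 1: control part. Part 2: the ciphertext itself.
    msg.attach(MIMEApplication("Version: 1\n", "pgp-encrypted", encoders.encode_7or8bit))
    msg.attach(MIMEApplication(text + "\n", "octet-stream", encoders.encode_7or8bit))
    return msg.as_bytes()


def provider_view(wire):
    """Parse the message as the mail service would and report what it can read."""
    msg = message_from_bytes(wire)
    parts = msg.get_payload()
    return {
        "metadata": {k: v for k, v in msg.items() if k in ("From", "To", "Subject")},
        "parts": [p.get_content_type() for p in parts],
        "body_is_ciphertext": ARMOR_BEGIN in parts[1].get_payload(),
    }


if __name__ == "__main__":
    wire = wrap_pgp_mime(SAMPLE_ARMORED, "alice@example.org", "bob@example.net")
    print(provider_view(wire))
```

The service sees sender, recipient and subject in the clear, which is the delivery metadata the reply calls unfixable; the subject defaults to a generic string for that reason.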