[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Secure email with limited usable metadata
This poses a really interesting question.
Another solution would be to use already existing remailers, and doubling
the encryption together with the TO: email in the inline plaintext. The
question is how to properly do a dual encryption.
My proposed solution is the following:
Plaintext message (encrypted for recipient, with unencrypted portion
dictating the recipient through inline text) -> Encrypted Message
(encrypted again to remailer's PGP, including inline portion) -> Remailer
(decrypted intended layer. Message is sent to recipient dictated in the
inline text) -> Recipient's Email Server / Provider (cannot be read by
provider) -> Recipient Mailbox
On Sun, Jun 30, 2013 at 8:52 AM, <alice-tor@xxxxxxxxxxxxx> wrote:
> everyone is tooting about pgp these. pgp encryption doesnt solve the
> problem of tla surveillance. pgp encryption does not touch metadata
> (recipent, sender).
> how to secure mail communication?
> i was thinking about pointing the mx record of the tld to a mail server
> that is shared with other individuals. the server is configured to drop
> incoming non-tls smtp connection from other mail server. On a per account
> basis, every message that is not encrypted to the public pgp key of the
> address is dropped, too. users use pop3/smtp over a hidden server to
> download/send messages.
> what do you think? the setup is easy to maintain. if inbox size is limited
> to a few mbs any cheap vps thats like 20$ a year can be used to service
> hundreds of thousands of accounts. a trusted umbrella organization is
> needed to maintain the server as anonymity is increased by increasing users
> count. is the tor project or torservers.net interested in running such a
> service? i would literally pay money for that, so would others.
> tor-talk mailing list
tor-talk mailing list