[146408] in cryptography@c2.net mail archive
Re: [Cryptography] Email and IM are ideal candidates for mix
daemon@ATHENA.MIT.EDU (Phill)
Tue Aug 27 02:43:33 2013
X-Original-To: cryptography@metzdowd.com
From: Phill <hallam@gmail.com>
In-Reply-To: <521BC83A.90009@virtadpt.net>
Date: Mon, 26 Aug 2013 21:46:16 -0400
To: drwho@virtadpt.net
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============6953174766969225695==
Content-Type: multipart/alternative; boundary="Apple-Mail=_817AF4EE-0B1E-4AFE-BB1B-074967EB4CCD"
--Apple-Mail=_817AF4EE-0B1E-4AFE-BB1B-074967EB4CCD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On Aug 26, 2013, at 5:27 PM, The Doctor <drwho@virtadpt.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>=20
> On 08/26/2013 08:46 AM, Phillip Hallam-Baker wrote:
>=20
>> Which is why I think Ted Lemon's idea about using Facebook type=20
>> friending may be necessary.
>=20
> Or Gchat-style contacts.
>=20
>> I don't think we can rely on that for Key distribution. But I think
>> it needs to be a part of the mix.
>=20
> What if the public key were baked into the user's public-facing
> profile in such a fashion that the client could pick it up
> automagickally but viewers just saw another link that they'd never
> click on anyway?
I am thinking that I want to make face to face exchange of keys via an =
iPhone 'bump' type app possible
Also I want to be able to use friend relationships as a spam filtering =
control. Perhaps you only want to accept encrypted email from people if =
you know them.=20
My spam problem is a little larger than most. While I was doing =
anti-span at VeriSign I received a quarter of the mail for the company. =
I have been under a DoS attack on my mail for a considerable time.
But in any case, at the moment we have email, I'm, voice and video all =
as separate apps unless we go through a proprietary scheme when they =
become one. The missing piece for email security is key discovery. If we =
are going to solve that problem for email we should do it for all the =
other apps as well.
The market for secure email is going to be tiered. There will be folks =
like us who want to have full control and do a lot of the work ourselves =
and there will be people who want to buy in the expertise and then there =
will be institutions that need to outsource.
As folk probably know, I work for Comodo and so I am interested in the =
possibility of establishing an enterprise market for secure email =
services. But that is only an interesting commercial prospect if there =
is a chance that secure email will become ubiquitous.=20
In the near term, the critical mass for secure email has to come from =
another sector. People concerned about PRISM seems to be the =
constituency most likely to drive adoption. Even if the threat from =
other sources (Iran, Russia) is actually greater in my view.=20
>> I have a protocol compiler. Just give it an abstract schema and out
>> pops a server and client API library. Just need to add the code to
>> implement the semantics. It is up on Sourceforge, will update later
>> this week.
>=20
> Neat! Link, please?
https://sourceforge.net/projects/jsonschema/
The code should be uploaded later this week or early next. Just got back =
from Europe and having some hardware issues of the expensive kind.
--Apple-Mail=_817AF4EE-0B1E-4AFE-BB1B-074967EB4CCD
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=us-ascii
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space; =
"><br><div><div>On Aug 26, 2013, at 5:27 PM, The Doctor <<a =
href=3D"mailto:drwho@virtadpt.net">drwho@virtadpt.net</a>> =
wrote:</div><br class=3D"Apple-interchange-newline"><blockquote =
type=3D"cite">-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>On =
08/26/2013 08:46 AM, Phillip Hallam-Baker wrote:<br><br><blockquote =
type=3D"cite">Which is why I think Ted Lemon's idea about using Facebook =
type <br>friending may be necessary.<br></blockquote><br>Or Gchat-style =
contacts.<br><br><blockquote type=3D"cite">I don't think we can rely on =
that for Key distribution. But I think<br>it needs to be a part of the =
mix.<br></blockquote><br>What if the public key were baked into the =
user's public-facing<br>profile in such a fashion that the client could =
pick it up<br>automagickally but viewers just saw another link that =
they'd never<br>click on anyway?<br></blockquote><div><br></div><div>I =
am thinking that I want to make face to face exchange of keys via an =
iPhone 'bump' type app possible</div><div><br></div><div>Also I want to =
be able to use friend relationships as a spam filtering control. Perhaps =
you only want to accept encrypted email from people if you know =
them. </div><div><br></div><div>My spam problem is a little larger =
than most. While I was doing anti-span at VeriSign I received a quarter =
of the mail for the company. I have been under a DoS attack on my mail =
for a considerable time.</div><div><br></div><div><br></div><div>But in =
any case, at the moment we have email, I'm, voice and video all as =
separate apps unless we go through a proprietary scheme when they become =
one. The missing piece for email security is key discovery. If we are =
going to solve that problem for email we should do it for all the other =
apps as well.</div><div><br></div><div><br></div><div>The market for =
secure email is going to be tiered. There will be folks like us who want =
to have full control and do a lot of the work ourselves and there will =
be people who want to buy in the expertise and then there will be =
institutions that need to outsource.</div><div><br></div><div>As folk =
probably know, I work for Comodo and so I am interested in the =
possibility of establishing an enterprise market for secure email =
services. But that is only an interesting commercial prospect if there =
is a chance that secure email will become =
ubiquitous. </div><div><br></div><div>In the near term, the =
critical mass for secure email has to come from another sector. People =
concerned about PRISM seems to be the constituency most likely to drive =
adoption. Even if the threat from other sources (Iran, Russia) is =
actually greater in my =
view. </div><div><br></div><div><br></div><br><blockquote =
type=3D"cite"><blockquote type=3D"cite">I have a protocol compiler. Just =
give it an abstract schema and out<br>pops a server and client API =
library. Just need to add the code to<br>implement the semantics. It is =
up on Sourceforge, will update later<br>this =
week.<br></blockquote><br>Neat! Link, =
please?<br></blockquote></div><br><div><a =
href=3D"https://sourceforge.net/projects/jsonschema/">https://sourceforge.=
net/projects/jsonschema/</a></div><div><br></div><div>The code should be =
uploaded later this week or early next. Just got back from Europe and =
having some hardware issues of the expensive =
kind.</div><div><br></div><div><br></div></body></html>=
--Apple-Mail=_817AF4EE-0B1E-4AFE-BB1B-074967EB4CCD--
--===============6953174766969225695==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============6953174766969225695==--
