[guardian-dev] An email service that requires GPG/PGP?

Griffin Boyce griffinboyce at gmail.com
Fri Aug 9 14:07:25 EDT 2013


  This probably sounds very strange, but *what if* someone ran an email
service that required that all mails be GPG encrypted?

  So here's my idea: Barring the honor system, it would require a filter
to look at message content to check for PGP headers.  And if said
headers didn't exist, the message doesn't get sent.[1] There's no "Sent
Mail" folder on the server, so if you want a copy, you'd need to have
Thunderbird (etc) set up to store them locally.

  It wouldn't protect from metadata collection, but it would at least
(to some extent) protect people from their own poor security decisions
while emphasizing that options exist to protect themselves.

Considerations:
    * This assumes that an order would arrive to disable PGP filter and
enable a sent folder (eg, this idea assumes metadata is unprotected)

    * Those playing at home may recognize this as a naive Bayes
classifier, given that the presence of PGP headers don't necessarily
mean the actual message is encrypted. There are other (heavier) steps
that could be taken, like checking for encryption on outbound with SJCL,
but I think that probability is on our side here.

    * In the face of an NSL, the service would realistically either fall
back to policy (removing tech-based enforcement by order) or shut down
entirely.

  What does everyone think? Is this totally nuts or what?

best,
Griffin

-- 
"Cypherpunks write code not flame wars." --Jurre van Bergen
#Foucault / PGP: 0xAE792C97 / OTR: saint at jabber.ccc.de
<mailto:saint at jabber.ccc.de>

My posts, while frequently amusing, are not representative of the
thoughts of my employer.


More information about the Guardian-dev mailing list