[guardian-dev] An email service that requires GPG/PGP?

Richard rz at linux-m68k.org
Wed Aug 14 18:01:41 EDT 2013


On Wed, Aug 14, 2013 at 04:54:43PM -0400, Griffin Boyce wrote:

> 
> Richard wrote:
> > how do you make webmail with PGP end to end encryption? I assume you
> > could do PGP in javascript but it would be trivially easy for the server
> > to steal the users secret keys in that case.
>   Yeah, and it doesn't avoid "the Hushmail Problem," where the
> government orders you to disable crypto for a given person.  There'd
> have to be (at a minimum) a browser extension or outside program
> involved, and at that point, it's just as easy for people to pick a GPG
> app/extension of their choice.

reaching out for the low hanging fruits ..

On the other end of the paranoia scale I would like to remind folks of the
the mixmaster remailer chaining technique which does much more than plain
encryption - as far as I can see it is theoretically completely untraceable.


Richard

---
Name and OpenPGP keys available from pgp key servers



More information about the Guardian-dev mailing list