The US government has betrayed the Internet. We need to take it back

• Previous message (by thread): The US government has betrayed the Internet. We need to take it back
• Next message (by thread): The US government has betrayed the Internet. We need to take it back
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
> On 09/06/2013 11:19 AM, Nicolai wrote:
> >That's true -- it is far easier to subvert email than most other
> >services, and in the case of email we probably need a wholly new
> >protocol.
> >
> 
> Uh, a first step might be to just turn on [START]TLS. We're not using the
> tools that have been implemented and deployed for a decade at least.

Agreed.  Although some people are uncomfortable with OpenSSL's track record,
and don't want to trade system security for better-than-plaintext
network security.

But the deeper issue is coercing providers to give up mail stored on
private servers, bypassing the network altogether.  TLS doesn't address
this problem.  Short term: deploy [START]TLS.  Long term: we need a new
email protocol with E2E encryption.

Nicolai

• Previous message (by thread): The US government has betrayed the Internet. We need to take it back
• Next message (by thread): The US government has betrayed the Internet. We need to take it back
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]