The US government has betrayed the Internet. We need to take it back
nicolai-nanog at chocolatine.org
Fri Sep 6 19:52:34 UTC 2013
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
> On 09/06/2013 11:19 AM, Nicolai wrote:
> >That's true -- it is far easier to subvert email than most other
> >services, and in the case of email we probably need a wholly new
> Uh, a first step might be to just turn on [START]TLS. We're not using the
> tools that have been implemented and deployed for a decade at least.
Agreed. Although some people are uncomfortable with OpenSSL's track record,
and don't want to trade system security for better-than-plaintext
But the deeper issue is coercing providers to give up mail stored on
private servers, bypassing the network altogether. TLS doesn't address
this problem. Short term: deploy [START]TLS. Long term: we need a new
email protocol with E2E encryption.
More information about the NANOG