[PLUG] ProtonMail was: Surveillance Capitalism

Paul Heinlein heinlein at madboa.com
Fri Jan 10 15:11:34 UTC 2020 

On Fri, 10 Jan 2020, Rich Shepard wrote:

> On Thu, 9 Jan 2020, Ben Koenig wrote:
>
>> Ideally, end-to-end encryption will become an industry standard, meaning
>> all email clients will agree to implement it. Until that happens,
>> universal encryption on all platforms and devices will not be possible.
>
> Is this end-to-end encryption implemented at the MUA level, the MTA level,
> or elsewhere?

The ideal toolchain would I think be something like this.

1. End users generate a keypair (ala PGP) and publish public keys.
2. Bob uses MUA-level hooks to encrypt body of message using Carol's
    public key, signing the message with his private key.
3. MUA submits message to MTA using TLS-negotiated encryption,
    protecting SMTP header info in transit along with already
    encrypted message body.
4. Sender MTA delivers messaage to recipient MTA using similar
    TLS wire-level crypto to protect SMTP header info.
5. Recipient MTA delivers message; body remains encrypted.
6. Carol verifies her trust in Bob's public key.
7. Carol uses MUA-level hooks to decrypt Bob's message using
    her private key and verifying Bob's key as the sender.
    Only the in-memory version of the message is decrypted;
    the on-disk message remains encrypted.

Points 3 and 4 are already in widespread use. Point 5 will always be 
true is encryption is handled by the MUA.

The lack of a universally accepted key-management system hinders 
points 1 and 6; I know that's where PGP is aimed, but I'd hardly call 
it universally accepted.

The closest we have to an MUA standard in points 2 and 7 is S/MIME, 
which is widely implemented but doesn't work with PGP, relying instead 
on the same key-management techniques used to issue SSL certificates 
for, e.g., web sites.

Beyond all that is the problem of data retention. It's likely that a 
secure system will encourage key expiration, if for no other reason 
than to keep moving away from once-secure techniques that become 
insecure due to increased computing power, clever algorithm 
developments, or whatever. If that's true, what do you do will all the 
messages that arrived encrypted with your old key?

-- 
Paul Heinlein
heinlein at madboa.com
45°38' N, 122°6' W

More information about the PLUG mailing list