Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encrypted Email #5

Open
toddatpurism opened this issue Mar 5, 2016 · 3 comments
Open

Encrypted Email #5

toddatpurism opened this issue Mar 5, 2016 · 3 comments
Assignees
@toddatpurism
Milestone
Encrypted Email

Comments

@toddatpurism
Copy link
Contributor

Create an encrypted email service.

Initially this should be email + secure auth + built-in-encryption

Later it would be great to have this become a full encryption communication, with sane fall-back to notify the user that their email must be upgraded to communicate encrypted.
@toddatpurism toddatpurism self-assigned this Mar 5, 2016
@toddatpurism toddatpurism added this to the Encrypted Email milestone Mar 5, 2016
@toddatpurism toddatpurism mentioned this issue Mar 5, 2016
Open
13 tasks
@joeyh-purism
Copy link

todd expanded on this as follows by email:

  1. propose an email standard that allows encryption by default
  2. send fully encrypted by default, unless it is not supported
    (yes initially it will be only to/from @puri.st)
  3. send a fallback generic plaintext email explaining to get encryption
    TO: [email protected]
    FROM: [email protected]
    SUBJECT: A person wants to communicate securely with you
    BODY: But you don't support encryption. Please request to add it, or
    get it.
  4. offer to the sender to send the unencrypted contents via plaintext

This approach might get us to bridge the gap to have email become
encrypted by standard. with an acceptable fallback.

@joeyh-purism
Copy link

There are several attempts to implement #0 currently, notably the Dark Mail Alliance which I see has a client and a server now. So that is well under way.

#1, #2 makes sense for outgoing email.

Incoming email is probably the most difficult part. We can't check if an
incoming email is encrypted until we've received it, and at that point
we have an un-encrypted email touching our server. And the receiver has no
control over whether their bank, etc sends unencrypted email, and would
not want such important emails to be rejected.

@joeyh-purism
Copy link

We can give users an email client that tries to find a key to encrypt all the emails it sends. But, if the user chooses to use a different email client with our email server, we again can't tell if a message they're sending is encrypted before it reaches our server. So again we risk un-encrypted email touching our server.

Also, users will probably need to send email to entities that refuse to use gpg or have not yet learned how to use it.

So, there's probably no perfect solution for encrypted email. But, we can make it as easy as possible to have it be secure by default.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@toddatpurism toddatpurism

Labels
None yet
Projects
None yet
Milestone
Encrypted Email
Development

No branches or pull requests
2 participants
@toddatpurism @joeyh-purism