Author: John Morris Date: To: dng Subject: Re: [DNG] default signing Re: [ann] heads 0.0 is out!
On Fri, 2017-03-03 at 10:09 -0500, Hendrik Boom wrote:
> What default cryptographic identity would it use?
>
> -- hendrik
My notion is an email client should look for a keyring and if it can't
find one it should default to creating a basic key and publishing it to
one or more keyservers. Imagine if every message from $foobar mail
client always had a signature attached. Now imagine that it also
attached the public key on 1-1 emails. Just that would raise awareness
of signed and encrypted email, creating a demand for other clients to
chase the feature.
Now harvest any keys it gets by that method or by looking up in the
keyservers. Then instead of just signing it can start signing and
encrypting by default once it has a key for the receiver.
Once all clients had adopted the feature most personal email would be
encrypted by default, combined with the current trend toward mail
servers encrypting traffic between themselves you get a lot of virtually
untrackable traffic that would give the NSA fits.
No, normies with keys generated by default and no care put into
protecting it would not be as secure as hard core types with their key
material on external devices. But it would improve general security
greatly at almost no expense.
Here is the kicker. It is an obvious idea yet exactly zero mail clients
have ever did it. Not the big commercial ones like Outlook, Lotus Notes
or Eudora, not the big free ones like Thunderbird or Evolution. Not
even Pine or GNU's Emacs Mail. Zero is a magic number, when you see
zero or infinity you always take another look at your figures to see if
you made a mistake. Well here is a suspicious zero.