For Dark Mail, what's your solution to the identity problem?
In my mind, this is the key challenge for any attempt to make secure email (or other communications) pervasive. I don't see any way to both securely authenticate senders and provide the zero-education user experience that people keep demanding.
The problem's pretty easy if you're willing to require user education. If you require out of band key exchange or fingerprint authentication, then everyone's authenticated. You can get more complicated with something like the PGP web of trust, but making an appropriate UI for that seems to be basically unsolved even for experts.
The common cop-out is CA authentication, which basically doesn't work. Not only can a certificate authority not effectively authenticate people in practice, even if they did that would just add another target for a national security letter to compromise user communications.
It's pretty well established in the security community that encryption without good authentication is basically just snake oil. What's your approach?
Chandon7 karma
For Dark Mail, what's your solution to the identity problem?
In my mind, this is the key challenge for any attempt to make secure email (or other communications) pervasive. I don't see any way to both securely authenticate senders and provide the zero-education user experience that people keep demanding.
The problem's pretty easy if you're willing to require user education. If you require out of band key exchange or fingerprint authentication, then everyone's authenticated. You can get more complicated with something like the PGP web of trust, but making an appropriate UI for that seems to be basically unsolved even for experts.
The common cop-out is CA authentication, which basically doesn't work. Not only can a certificate authority not effectively authenticate people in practice, even if they did that would just add another target for a national security letter to compromise user communications.
It's pretty well established in the security community that encryption without good authentication is basically just snake oil. What's your approach?
View HistoryShare Link