[FoRK] At what point is email officially broken?

Justin Mason < jm at jmason.org > on > Thu Dec 7 03:56:05 PST 2006

Simon Wistow writes:
> On Wed, Dec 06, 2006 at 01:59:11PM -0800, Tom Higgins said:
> > Crypto? PGP has been out for a decade or so and it is being used by
> > what percent of the email population? Yea, see it may sound good it
> > might flash a little something but without use it means not much.
> Funnily enough I was talking with someone about this yesterday - what if 
> Google, Yahoo! and Microsoft implemented client side PGP in their 
> webmail products?
> At first I imagine it would only be signing. Obviously all the people on 
> the same service as you would be easily authenticated. 
> Authenticating people using the other big two webmail services could 
> easily be done by some sort of agreement between the Big Three players. 
> Mayb even toss in AOL whilst we're at it.
> Hopefully, by then, unsigned email would start to be in the minority. 
> Also, potentially, since crypto has been built in more or less 
> transparently to the end user mail can start to be encrypted as well as 
> signed (although that's far less likely since then then wbemail 
> companies can't data mine your inbox).
> The big problem, of course, is allowing people not using those services
> to participate in such a way that doesn't also allows spammers to keep
> going and also doesn't boil down to "use a whitelist".

yep.  You'd have just solved Authentication but not Reputation:


> This is the step just before "Profit!" and just after "Steal 
> Underpants!". When I work it out, I'll make my millions and retire into 
> the life of the Gentleman Scientist.

Ah, the life of the Gentleman Scientist.  it's the dream, alright ;)

hey, btw, another point on the "if we all used PGP we'd be fine" argument:
look into DKIM.  It's a well-supported, IETF-standards-track protocol
which basically offers crypto signing, built transparently into the
existing SMTP protocol, without requiring rewrites of MUAs and
the problem that users can't use PGP without brain surgery.


More information about the FoRK mailing list