[FoRK] Fwd: [IP] What It’s Like to Get a National-Security Letter

Eugen Leitl eugen at leitl.org
Mon Jul 1 06:59:43 PDT 2013


On Mon, Jul 01, 2013 at 12:40:31PM +1000, Noon Silk wrote:
> interesting read.
> 
> last line is also nice:
> 
> ------------------------------------------------------------------------------------------------------------
> 
> *Do you encrypt all your own e-mail, as a result of this stuff?*
> 
> No, that’s really hard.

No, it isn't. Encryption is easy, key management is hard.
 
> ------------------------------------------------------------------------------------------------------------
> 
> 
> implies something that many people have been saying for a while now - if we
> want people to be secure, the tools they use need to be userfriendly and
> idiotproof. quite a hard thing to achieve.

Does this look hard:

Received: from xent.com (xent.com [69.55.232.243])
        (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
        (Client CN "xent.com", Issuer "xent.com" (not verified))
        by leitl.org (Postfix) with ESMTPS id 8BA205417FA
        for <eugen at leitl.org>; Mon,  1 Jul 2013 04:41:31 +0200 (CEST)

?

You didn't even notice. StartTLS protects more SMTP in transit
than PGP or S/MIME ever could.

There are simple PGP/GNUPG gateways at MTA level which are orthogonal
to that. 

Add BTNS at IP level, and there's another layer. 

If asked why, you can say you're lazy, or ignorant (so doubly lazy).
But hard is the wrong answer.


More information about the FoRK mailing list