Re: [Endymail] Off we go...

Frank Li <frankli@cs.berkeley.edu> Thu, 28 August 2014 21:43 UTC


(Unrelated to previous discussion)

Food for thought:

One thought I had a while back was the merits of hash-based email
addressing, where the address is a relatively short hash of an account's
public key (just like PGP fingerprints). The idea was that the email
address itself can validate the PK, and the PK can be automatically
retrieved from anywhere (key servers, mail provider). This could allow a
mail client to completely transparently handle key management and email
encryption/decryption/signing.

While the email address is non-human-sensible, the mail client can provide
local user-chosen bindings, similar to how a contact book on a phone maps a
name to phone #s. Certainly there are other usability challenges as well
though. Perhaps proper user interfaces can make dealing w/ a hash-address
not too much of a burden.

Ultimately this is not really different from PGP; we're merging an email
address and fingerprint in PGP into a single "hash-based" email. But the
idea was that in this scheme people would only conceptually deal w/ an
email address (granted non-sensible). They don't need to be aware of keys,
fingerprints, or web of trust, which might help usability. Certainly the
idea has issues though, food for thought.



On Thu, Aug 28, 2014 at 1:57 PM, Cyrus Daboo <cyrus@daboo.name> wrote:

> Hi Phillip,
>
> --On August 26, 2014 at 10:23:02 PM -0400 Phillip Hallam-Baker <phill@hallambaker.com> wrote:
>
>> And before you start off telling me about PGP, getting that to work
>> proved so tedious I gave up
>>
>
> Right, but some major players are getting onboard with OpenPGP, as per
> <http://www.pcworld.com/article/2462852/yahoo-mail-to-support-end-to-end-pgp-encryption-by-2015.html>.
> So one would hope they will tackle usability given the broad scope of
> their user base.
>
> --
> Cyrus Daboo
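
An added example, not part of the original message or of any proposal on the list, sketching the self-certifying address check the message describes: a key fetched from any untrusted source is accepted only if it hashes to the address. The hash (SHA-256), the 160-bit truncation, base32 encoding, the example.org domain and all function names are assumptions, and the byte strings standing in for public keys are constructed.

```python
import base64
import hashlib

# Assumption: keep 160 bits of the digest (the size of a PGP v4 fingerprint).
# A shorter truncation makes it cheaper to find a second key with the same address.
HASH_BYTES = 20


def hash_address(public_key: bytes, domain: str) -> str:
    """Derive the address: base32(SHA-256(key)[:20]) becomes the local part."""
    digest = hashlib.sha256(public_key).digest()[:HASH_BYTES]
    local = base64.b32encode(digest).decode("ascii").lower()  # 32 chars, no padding
    return f"{local}@{domain}"


def key_matches_address(address: str, candidate_key: bytes) -> bool:
    """Check a key obtained from any source against the address itself."""
    local, _, domain = address.partition("@")
    expected_local = hash_address(candidate_key, domain).partition("@")[0]
    return local.lower() == expected_local


def fetch_verified_key(address: str, sources: list) -> bytes:
    """Return the first key, from any source, that hashes to the address."""
    for lookup in sources:
        key = lookup(address)
        if key is not None and key_matches_address(address, key):
            return key
    raise LookupError("no source returned a key matching the address")


# Constructed sample data: fixed byte strings stand in for encoded public keys.
ALICE_KEY = bytes(range(32))
SUBSTITUTED_KEY = bytes(range(32, 64))
ALICE_ADDR = hash_address(ALICE_KEY, "example.org")

# Local, user-chosen binding: the "contact book" mapping a name to the address.
CONTACTS = {"Alice": ALICE_ADDR}


def untrusted_keyserver(addr):   # hypothetical source that returns a wrong key
    return SUBSTITUTED_KEY


def mail_provider(addr):         # hypothetical source that returns the real key
    return ALICE_KEY


def demo() -> bytes:
    """Resolve the petname, then accept only the key the address certifies."""
    return fetch_verified_key(CONTACTS["Alice"], [untrusted_keyserver, mail_provider])
```

The check binds a key to an address only; deciding that the address belongs to the intended person still rests on the local contact binding.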