[tor-talk] Secure email with limited usable metadata
Andreas Krey
a.krey at gmx.de
Tue Jul 2 06:15:39 UTC 2013
On Mon, 01 Jul 2013 22:18:06 +0000, coderman wrote:
...
> you should assume this number will always approach anything greater
> than zero; and how do you handle a reduction? axe clients without
> prejudice?
Put new clients into the next instance of this service, formally
operated by someone else?
> better option: end-to-end only, usable privacy that is secure by
> default - the only mode is secure. then you can publish "lawful
> intercepts" of ciphertext without risk to any users.**
Lawful intercepts also include the access metadata (which I assume to
be equally secure here), and access to the emails themselves. While
encrypted the service still has to know source and destination to
some extent.
Also, LI interception is a cost factor.
> if you're forced to cooperate with active malware explotation of
> customers through assisted MitM via your services it is time to pull
> the plug and announce while you find a sane jurisdiction.
I guess under NSLs this could be construed as publishing same,
so the NSL effectively forces you to stay in business.
Andreas
--
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
More information about the tor-talk
mailing list