[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: default MTA



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256



On 12/06/13 12:29, Neil McGovern wrote:
> On Wed, Jun 12, 2013 at 08:08:17AM +0200, Daniel Pocock wrote:
>> On 12/06/13 00:02, Jeremy Stanley wrote:
>>> On 2013-06-11 23:50:01 +0200 (+0200), Daniel Pocock wrote:
>>>> Something that doesn't have these limitations:
>>>> 
>>>> http://tools.ietf.org/html/rfc2487#section-7
>>> [...]
>>> 
>>> That basically just makes the case for relying on (E)SMTP only
>>> for transporting messages, but leveraging OpenPGP or S/MIME to
>>> provide authentication and confidentiality where required (or
>>> for anonymity, Mixmaster et al).
>> 
>> 
>> OpenPGP and S/MIME don't guarantee anonymity as they don't (and
>> can't really) encrypt the headers/envelope
>> 
>> That is the type of `metadata' that allows a hostile party to
>> start building a social graph of who knows who.  Even if they
>> can't see the contents of the communications, those social graphs
>> are undesirable and an ideal solution would prevent that.
>> 
> 
> Can I just check - have we really gone from a (far too long, IMO) 
> discussion on what default MTA we provide, to replacing SMTP?
> 


Not quite, but SMTP encryption (and alternatives) are a relevant
factor for many mail server users

Whether it is relevant enough to the choice of default MTA is another
question, but for me it is relevant, because if encryption/privacy is
not there by default, then it is harder to get critical mass for (name
your solution)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJRuK9oAAoJEOm1uwJp1aqDjUEP/0abkqtXdAgQyyBDr3dAYVEK
GdKyNM/tRClVW7f6vxEYc6cClqhMHnP1LVXbZzPRkdnXXl88N0tY0Vl8M0wLCttC
qIVG5m4Nna7tIQSfcjgNlJbUR7/2jfvLKC6ofonOTsDZMHtSQI902giOOUno8+/U
JznCdDpjTmylgHPFhRR8E+6LZgrGPzmzmmQJ+Zs8FZmK3JbdDRpoct/iQiVBvzfT
+jnsOpqZXZBAh3wvE4tK8XcX2Bxgc/MJtm65oTd1QRq7zzUqFoOhANfSMgcKuIe5
xF5OahMlnnMSDYWEqmr7urE5zk4vS551+eXMAPyB09DBqDAssE96uPyGse8zgnD4
/od6+ry+5b0YebHJYaKLxRw5kduFczjkdyCWqIoFWtvw0T7SKMmir8i6T986/PEJ
SyqVvY+hKU6udfjCbhvVVWbYuFPFn/bG1cr09efC3z2tnRcS1gLDRFd0RWbmbvuZ
ieAqK+5vCKCnJvQwjuy3uN/ZJKnNBC1gavwbcSL2tC5nN9lUI5m6Hv9tQomjHtZi
0OGcT7ff3LkIQi9vPTp6sgJaydiKwi80BA99R50LGAtGOWVspu/XUDmQ4gVq9V5B
De92pQ2t041neNtReK/JMAjb7ZwYgibee40S+v4Di7ACPYjskc3Gj2xu5sSxip8H
5czvvEtRIm15lfUQuvi2
=N1IS
-----END PGP SIGNATURE-----


Reply to: