[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How do you manage encrypted mail?

(Top-posting seems more natural on this one, since my response is a general response, but we seem to have list participants who prefer rules to reason ((8-*)), so I'll pick random places to insert my comments. Hope I don't lose focus.)

On Wed, Jul 3, 2013 at 3:22 AM, Richard Lawrence <richard.lawrence@berkeley.edu> wrote:
John Hasler <jhasler@newsguy.com> writes:

> Do you really need to archive each message in individually encrypted
> form?  If you are concerned about the security of local copies I would
> think you would already be using disk or file system encryption.

No, I am OK with keeping unencrypted local copies, at least on my home
machine.  I only expect "pretty good" privacy over the pipes, not
"protection from an FBI home raid" privacy for local copies of my email.
(I don't use disk encryption but probably should.)

The issue is simply: what's the best way to do this?

Ain't no such thing.
 
My setup uses
offlineimap to sync a Gmail account (berkeley.edu's institutional
choice...) to a local Maildir.  Mutt only temporarily decrypts messages
when I read them, unless I manually store an unencrypted copy somewhere.

Definitely one way to do it.
 
So to accomplish the suggested setup conveniently with the programs I
currently use, I think I would need to:

1) Tell Mutt to automatically save messages somewhere when I decrypt
them.  (Is there an option for this?  I only see fcc_clear, which is for
outgoing messages.  Should I call decrypt-save from message-hook?)

Sounds workable, except then you have to
 
2) Tell offlineimap *not* to sync the decrypted messages folder back to
Gmail. (Easy enough with offlineimap filters.)

which points out one part of the reasons we haven't seen enough standard practices showing up yet.
 
3) Tell notmuch to index the decrypted messages folder.  (Again, should
be easy enough.)

Does that sound reasonable?  Do others have similar setups?

I find it sort of telling that I didn't come across recommendations for
setting things up this way when I was configuring these programs.

What does it tell you?

It tells me that there sure are a lot of different ways people are doing this. Why do you think that would be?
 
 I'm a
bit surprised that there doesn't seem to be a "standard" solution for
reading and searching archived mail that arrived encrypted.  (I'm also a
bit dismayed, since part of my concern is to find a solution that
doesn't just work for me, but to which I can point non-technical users
when I ask them to send me encrypted messages.)  It still feels very
much like email encryption is possible for the dedicated, but
inconvenient enough for the average user -- and even for fairly
technical users -- that most will avoid it.

You're looking at the reason, can you see it? (I'm not being rude, I'm asking a question.)
 
I guess I'll try to write up a blog post about how I solve these
problems, once I get a working configuration.  A more comprehensive
solution will have to await someone more talented than me.

The standard solution is going to require charisma more than talent.

Which might point you to the biggest problem when trying to establish "secure" communication lines.

Speaking of blogs, maybe I should, but nobody reads my blogs except my students and my nieces and nephews. And I really have stuff I need to do today, and this is one of those topics that even randomly ranting about is going to consume the whole day. (Not that my rantings ever exceed the random level.)

Anyway, it gets back to the primary on-going sins of Microsoft. And Apple and Oracle and whoever else is currently contending for the charismatic leader position.

The platitude: if you establish a standard practice or pattern for security, everyone has the same back door.

Or, backing up even further, one man's secured fortress is another man's free swim beach. But backing out that far that doesn't point to answers.

HTH

--
Joel Rees
Reply to: