[Discuss] email privacy/security

[Richard Pieri]

Kent Borg wrote:
> Requiring them to take active measures in advance of the communication
> (MitM attacks) or even afterwards (human intervention) harms their
> economics *enormously*.  Orders of magnitude.

What harm? The NSA has an effectively unlimited budget. The only real 
cost is time and that's short-circuited by knowing precisely where the 
weaknesses are in commercial-grade ciphers like RSA and AES.

If your foes include lesser organizations then maybe you are correct. It 
depends on what resources they have to bring to bear.


> Let's make it harder.  Yes, a web of trusted certificates is hard to
> make air tight.  Okay, don't insist it be air tight.  If end-to-end
> encryption started to became common, even on a hodge-podge of
> self-signed certificates, the howls of protest from the spies would
> become deafening: because it would make their task much, much harder.

Y'know... this was me 25 years ago. I was dismissed as a crackpot.

The vindication is bitter-sweet.

-- 
Rich P.