On Mon, Jan 03, 2022 at 01:10:53PM +0100, Vittorio Bertola wrote:

> As a webmail provider to several big ISPs, we offer an OpenPGP-based
> UI extension that allows users to encrypt/decrypt messages, managing
> keys etc. Not all of our customers want it, and in general, the
> feedback is that the end-user demand for e2e-encrypted email is very
> low. In the past years we put quite some educational effort in
> promoting STARTTLS and proper encryption configuration (e.g., disable
> insecure ciphersuites) and that seems to be the most encryption
> that currently the mass market demands.

My take is that the biggest obstacle to adoption of E2E message encryption
is not key management but usability of the encrypted content post delivery.
No IMAP user-agent supports search of encrypted messages, private key
rollover, validation of long ago delivered messages whose signing keys are
now expired, ...

Nobody has ever paid enough attention to the whole lifecycle. Just getting
the message encrypted and delivered is only the first step. For usability,
encrypted messages would need to be decrypted by the MUA, tagged with the
verification status, indexed for (encrypted) search, re-encrypted under a
long-term storage key separate from the recipient's extant private key, ...

Making search usable is particularly challenging under various attack
scenarios, but something like an encrypted AFS volume for the mailstore
(instead of IMAP) could be a first approximation, with the MUA searching a
locally cached index. For most users, attacks that monitor which blocks are
accessed during search are not a relevant threat model.

-- 
	Viktor.