It appears that Christopher Morrow <morrowc.lists@xxxxxxxxx> said: >a bunch of the conversation about this seems a whole lot like 'tilting at windmills'. >The fact that 'encrypted email, end-to-end, has effectively 0% market share' really >says a lot about it as a product. It really feels like a lot of the threat models are stuck in the distant past. In about 1990 a guy named Brad Councilman ran an early e-commerce site to sell used books, both from his bookstore and from other stores, and provided e-mail accounts to those other stores. He was accused (falsely, it later turned out) of using procmail to make copies of his competitors' mail, and a long and complicated court case turned on the detail of whether mail was "in transit" or "in storage" for the moment when procmail putatively made the copy. We uucp users used bang paths to route mail through long chains of hosts to limit phone costs and Internet mail had at least two different ways to say to route a message through intermediate hosts, the official one and the percent hack, to get around connectivity gaps. You know what? Mail doesn't work that way any more. It all goes directly over the Internet from the sending host to the recipient host. STARTTLS prevents snooping in transit, and MTA-STS lets you detect attempts to snoop by host spoofing. The plague of spam and malware makes it essential for the recipient system to be able to look inside the mail and decide if it's worth delivering. Maybe some people don't trust their mail providers, but considering how many mail users use ad-supported free mail systems, most do. So I'd be interested in a clear statement (preferably on the ietf-smtp list) what problem a proposed solution is intended to solve before arguing about the implementation details. R's, John