On Monday 30 April 2018 09:20:20 William Morder wrote: > On Monday 30 April 2018 04:33:18 deloptes wrote: > > William Morder wrote: > > > I think that's what I said. There are two (or maybe three) > > > different issues here, which it seems are getting conflated by how > > > we keep talking about it. Number 1 is encrypting our own emails > > > sent by TDE's version of Kmail, using our own private keys. Number > > > 2 is using an encrypted email service, which not only encrypts > > > emails in transit, but also encrypts everything on the server, as > > > well as Number 3, (which was pointed out by others) encrypting > > > headers, addresses, etc. > > > > How does this would differ in terms of security compared to SSL/TLS? > > The mail servers already use TLS. > > If you don't control the private key, you don't control the readers, > > so IMO it is not a point > > The point is that not even the admins on ProtonMail can read the > content of emails, or anything stored on their servers. > > This is unlike Gmail (for example), who also use SSL and TLS, but > obviously they have some kind of automated way to read the content of > our emails and know who are all our correspondents. > > And I don't imagine that my Zoho account (or any other) is much better > in that regard. Zoho is better only in that they do not bother me with > useless hoops to keep jumping through; whereas in the case of Gmail, I > kept getting shut out of my own accounts, merely because I sometimes > logged in from different locations. > > > > My own problem is that I have correspondents who talk about > > > wanting to use encryption, but don't seem to know how to do it. I > > > can send encrypted emails, but they don't seem to be able to read > > > them. They can send encrypted emails, but then I can't read them. > > > And those who claim to know what they are doing are generally too > > > busy to spend time on getting it right. > > > > Not only your problem, but we can not force anyone to use something > > - if they want, they can. If they can not - they don't want. My > > personal experience shows that people that really need it, also use > > it. > > Yeah, there's the rub. *SIGH* > > > > So perhaps a few of us (here on the TDE list) could work this out > > > among themselves, if they can find somebody that they trust? > > > > This is the point. When you really want to trust someone, you > > probably would meet him/her and exchange keys face to face. > > This is super-paranoid, yet also correct. I have various tricks for > communicating, which do not depend on anything to do with computers or > networks, but rather use items in the real physical world. (This is > just for communicating in case of an emergency, when other means are > not trusted.) > > I just want to be sure that some of my friends, who live in places > that are more dangerous than the US, UK or EU, do not suddenly > disappear. What may seem perfectly innocent here is not necessarily > perceived in the same way where they live. > > > Anything else is somehoe > > dubious - but can also work if the one can confirm his/her key. > > The point is that the verification can not be replaced by a machine > > or application. You and only you are entitled to mark the key as > > trusted. > > > > > > > > I include my signature on purpose now. It does not make any sense to > > encrypt messages destined to the user group. But this is an example. > > > > > Otherwise, you have right there the need for using ProtonMail or a > > > similar email service. > > > > I still don't see any advantage, except that the server is secure > > and not under US or EU law. Which means the probability to shut it > > down, or confiscate it, like it happened in US is much lower. > > > > regards > > Well, at least your email came through here as an encrypted message. > But yes, it makes no sense to use encryption for the mailing list > (except for testing purposes, which is what I meant). All our messages > here are published online, for anybody anywhere to read. > > I have generated my key, but somehow or other Kmail doesn't want to > send when it is signed and/or encrypted. > > Bill > Heck, I've fooled around because I do get signed messages, but I've yet to figure out how to get a successfull verification that the signage is correct. Setup needs help with setup. Humm, isn't that a circular dependency? ;-/ > --------------------------------------------------------------------- > To unsubscribe, e-mail: > trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx For additional > commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx Read > list messages on the web archive: > http://trinity-users.pearsoncomputing.net/ Please remember not to > top-post: > http://trinity.pearsoncomputing.net/mailing_lists/#top-posting -- Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene> --------------------------------------------------------------------- To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/ Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
