2014-01-18

[Technology] E-mail encryption

In an ideal world, everyone would be able to make use of encryption in their daily life and communications. The other day, I had a mild challenge setting it up with a friend.  Basically, Apple Mail wants to handle encryption via S/MIME using certificates, which is typical of most enterprise usage.  Evolution can do that, but I'd prefer to do it via GPG/PGP using public-private keys.  The main reason is because I find that approach is more usable for personal use.  (Self-signed certificates are a bit annoying, and I find it a bit more involved to generate your own certificate.)



We finally settled on using GPG Tools for Apple Mail.  Next we had issues where I had to trust his key, which worked out, but left me wishing that GNOME had a better interface for handling keys.



Ideally to me, everyone would have a public-private key pair and have some concept of how it was used.  I'd be happy for roaming usage if they kept their private key on a tiny USB computer that you could plug into any other computer, and would have a partition the foreign computer could see, and a partition only the computer on the USB could see.  You'd drop content into the public partition and the computer would see it and sign it with the private key (which is on the private partition, so a foreign computer can't just grab it).   It could also handle data other than files copied over.  If enough software understood that there was a USB key providing a signing/encryption service, they'd have decent interfaces for requesting the USB key computer sign an e-mail or an instant message.  This (or some other solution to securely using a private key out and about) hopefully already exists. :)  (I'd imagine the USB key computer would have a button on it that you press when you approve of it signing/encrypting something.) 



Basically, I just want encryption to be easy for users and to reduce the chance of people compromising their keys.



But of course, with encrypted e-mail, there's the problem of how can you make use of webmail and its search services without allowing a third-party e-mail provider access to the plain text of messages?  I find the conveniences of Google generally worthwhile, and difficult to achieve without a large centralised infrastructure.  Hmm.

Dieses Blog durchsuchen

Labels

#Technology #GNOME gnome gxml fedora bugs linux vala google #General firefox security gsoc GUADEC android bug xml fedora 18 javascript libxml2 programming web blogger encryption fedora 17 gdom git emacs libgdata memory mozilla open source serialisation upgrade web development API Spain containers design evolution fedora 16 fedora 20 fedora 22 fedup file systems friends future glib gnome shell internet luks music performance phone photos php podman preupgrade tablet testing typescript yum #Microblog Network Manager adb apache art automation bash brno catastrophe css data loss debian debugging deja-dup disaster docker emusic errors ext4 facebook fedora 19 gee gir gitlab gitorious gmail gobject google talk google+ html libxml mail microsoft mtp mysql namespaces nautilus nextcloud owncloud picasaweb pitivi ptp python raspberry pi resizing rpm school selinux signal sms speech dispatcher systemd technology texting time management uoguelph usability video web design youtube #Tech Air Canada C Electron Element Empathy Europe GError GNOME 3 GNOME Files Go Google Play Music Grimes IRC Mac OS X Mario Kart Memento Nintendo Nintendo Switch PEAP Selenium Splatoon UI VPN Xiki accessibility advertising ai albums anaconda anonymity apple ask asus eee top automake autonomous automobiles b43 backup battery berlin bit rot broadcom browsers browsing canada canadian english cars chrome clarity comments communication compiler complaints computer computers configuration console constructive criticism cron cropping customisation dataloss dconf debug symbols design patterns desktop summit development discoverability distribution diy dnf documentation drm duplicity e-mail efficiency email english environment estate experimenting ext3 fedora 11 festival file formats firejail flac flatpak forgottotagit freedom friendship fuse galaxy nexus galton gay rights gdb german germany gimp gio gjs gnome software gnome-control-center google assistant google calendar google chrome google hangouts google reader gqe graphviz growth gtest gtg gtk gvfs gvfs metadata hard drive hard drives hardware help hp humour ide identity instagram installation instant messaging integration intel interactivity introspection jabber java java 13 jobs kernel keyboard language language servers languages law learning lenovo letsencrypt libreoffice librpm life livecd liveusb login lsp macbook maintainership mariadb mario matrix memory leaks messaging mounting mouse netflix new zealand node nodelist numix obama oci ogg oggenc oh the humanity open open standards openoffice optimisation org-mode organisation package management packagekit paint shedding parallelism pdo perl pipelight privacy productivity progress progressive web apps pumpkin pwa pyright quality recursion redhat refactoring repairs report rhythmbox sandboxes scheduling screenshots self-navigating car shell sleep smartphones software software engineering speed sql ssd synergy tabs test tests themes thesis tracker travel triumf turtles tv tweak twist typing university update usb user experience valadoc video editing volunteering vpnc waf warm wayland weather web apps website wifi wiki wireless wishes work xinput xmpp xorg xpath
Powered by Blogger.