Showing posts with tag: #pgp
|
OCTADE
|
In response to this post Off the top of my head I can think of one alternative if metadata confidentiality or anonymity matter: Bitmessage: https://github.com/Bitmessage/PyBitmessage Bitmessage hides non-content metadata and uses a flood mixnet to unlink sender and receiver from eavesdropper view. There is no alternative for email. Email clients support PGP and that's it. PGP does guarantee authenticity of a message due to digital signatures. PGP does not hide metadata about sender and receiver. If you want truly confidential communication you have to set up a private pipeline. If you are using a public paid or free email service, you have zero confidentiality. Even if your message is encrypted, the email operators know who you are talking to. #PGP #Email #Encryption #Privacy
Tags: #pgp #email #encryption #privacy Mentions: @phlogiston@mastodon.nz Likes: 0 Replies: 0 Boosts: 0 |
|
Guy
|
I was wondering ... as #email encryption via PGP/GnuPG is not suitable for true and ongoing end-to-end confidentiality. But what about authenticity of mails? I dislike S/MIME for its corporate nature, and #PGP via PGP/MIME is well enough supported by many (free) mail clients. What's the #cryptography or #security community's view on PGP for signing emails? Or what would a suitable alternative be? I haven't come across any, though. 1/2
Tags: #email #pgp #cryptography #security Likes: 0 Replies: 2 Boosts: 0 |
|
Calisti π³οΈβππ¦
|
In response to this post Pretty great for remote-specific π GPG #git commit signing configuration, too!
Likes: 0 Replies: 0 Boosts: 0 |
Bitmessage: https://github.com/Bitmessage/PyBitmessage
Bitmessage hides non-content metadata and uses a flood mixnet to unlink sender and receiver from eavesdropper view.
There is no alternative for email. Email clients support PGP and that's it. PGP does guarantee authenticity of a message due to digital signatures. PGP does not hide metadata about sender and receiver.
If you want truly confidential communication you have to set up a private pipeline. If you are using a public paid or free email service, you have zero confidentiality. Even if your message is encrypted, the email operators know who you are talking to.
#PGP #Email #Encryption #Privacy
by OCTADE ;
S/MIME has two problems: itβs harder to get a free certificate (Letβs Encrypt for S/MIME could really help here) and, AFAIK, it still technically is not using modern cryptographic cipher suites (e.g. no AEAD).
It would be cool to know these problems are being resolved.
FWIW in my experience S/MIME is also quite well supported in e-mail clients. Additionally due to centralized CA nature there are no questions whether the certificate is good or not.
by Wiktor Kwapisiewicz ;