Posts by vdukhovni

2 publicly visible posts • joined 8 Apr 2020

Something something DANE cook: Microsoft pledges to wrap its email systems in secure anti-snooping protocol

vdukhovni

Re: Let me see if I understand this...

No, actually the customer demand for DANE came from Europe, which is also where you'll find most of the existing adoption. Netherlands, Germany, Sweden, Czech Republic, Denmark, Norway, Belgium, ...

Of course for privacy of your own stored email you might self-host (mailinabox.email) or choose a provider that specifically serves privacy-oriented users (protonmail, tutanota, posteo, ...).

None of that means that mail transport should be unprotected; there's plenty of sensitive metadata even in end-to-end encrypted email, when sender, recipient and headers are in the clear.

It makes sense to protect transmission, and as appropriate also take the convenience cost of encrypted storage. For most users, encrypted storage fails cost/benefit analysis, but transparently encrypted transmission is not a burden.

vdukhovni

Re: Let me see if I understand this...

The reasons why WebPKI is a poor fit for email are explained in section 1.3 (and subsections) of the SMTP DANE RFC:

https://tools.ietf.org/html/rfc7672#section-1.3

As for end-to-end email encryption, it will remain as impractical 10 years from now as it has been for the last 20. Encrypted email is difficult to search, difficult to protect from malware and spam, and most users really would not want to use it. A few OS releases ago Apple have disabled S/MIME support in Mail.app for lack of interest. I can still read the handful of encrypted messages in my mailbox, but can't send any new ones, and mostly would just make life harder for the reader...