p2p email: Virtual Email Institutions for Thunderbird

Joshua Cranmer 🐧 Pidgeot18 at gmail.com
Mon Aug 4 22:58:01 UTC 2014


On 8/4/2014 4:24 PM, Randolph wrote:
> Hi Joshua,
> good that you thought already about how to strengthen encryption in T-Bird.
> You are a non-mover, right? Doing the basics with great efford and
> emphasis, focussing the obstacles within new ideas and not prepared to
> through your done research away and request a branch playground for
> others instead of adding yourself to the sandboxes? Kidding... As
> said, I appreciate if encryption is fostered.

My day job is an academic researcher. This imparts on my some biases: 
first, I (try to) carry an inherent skepticism of proposals I see; 
second, I try to understand the state of the art to understand why 
things exist the way they do. I haven't had time to look at the 
technical details of your proposal in detail, so I've avoided trying to 
talk about them.

One of the hardest things to do (which I can speak to from experience) 
is to exhibit skepticism in one's own work. And while I know you were 
somewhat jesting when you accused me of being jealously protective of my 
own work, I am being completely serious when I ask if you have tried to 
find all of the problems and pitfalls of what you describe.

> The echo protocol is more: it allows users to create own servers
> easily, is fully encrypted without any interface or securtiy handshake
> thoughts as plugin solutions like pgp offers and has new thoughts
> about graphs and connectio- metadata. Please see adaptive echo
> described in the Wikipedia.

I've been trying to avoid talking protocol details, as mentioned 
earlier. My initial forays did exhibit some ... flashing neon signs, to 
put it lightly. The most valid criticism I can make without needing to 
know too much detail in this:

Secure products that are not usable by the general public can be worse 
than insecure. What usability studies have been done on your own software?

> Your reply ist most about strategy. :) So you are one of the leaders
> of this for Thunderbird? I suggest to integrate the supporters of
> T-Bird more in your research, these people are very helpful, as well
> for you. So my request would be to think together about encryption.
> What are your ideas and findings in research about Cryp-to-Bird?

Most of my discussions on email can be found at my blog, 
<http://quetzalcoatal.blogspot.com>; I've not finished the discussion on 
security, though (life intervened).
> as Joshuha said, chat is present, but neither OTR nor encryption, the
> question wether the spot-on kernel handles chat or email is easy: it
> does both, and the request is to first start with email type.
OTR just needs someone to implement it (someone in fact did start 
implementing it).
> Joshua,
> you play an important role on this and I would like to test with you
> the key and connections. I will send you my key in another email,
> please tell me first, if you install the binary or build the current
> svn yourself.
My time is already claimed by far too many obligations. That I have time 
to participate in this email thread is actually a surprise given a 
last-minute decision that changed my status from "unavailable" to "busy."

-- 
Joshua Cranmer
Thunderbird and DXR developer
Source code archæologist




More information about the tb-planning mailing list