Nelson Bolyard wrote: >Erik >Let me try asking my question another way. >You're trying to solve some problem with encryption. >Can it be solved through the use of SSL (through https) ? >Alternatively, Can it be solved through the use of something like S/MIME ?
Indeed very valid questions. Let me put another one: If you for some reason conclude that message encryption in the browser is essential, how is the user going to select the proper encryption certificate? In S/MIME you have this more or less for free, since the recipient's mail address is a suitable locator. In a web environment it seems that there is no obvious recipient except for the web server itself but then you are back to Nelson's question: why not rather use SSL (https)? Is this actually a web-mail client with S/MIME support? I find message encryption is a web mail environment pretty dubious since there is no way to save messages during edit (or having any kind of interaction) without giving the information to the server anyway. That is, unless you start requiring the user to key in token PIN-codes for all save and retrieve operations. This would indeed be an "industry first" :-) Anders _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
