On Sat, Aug 10, 2013 at 3:39 PM, Jerzy Łogiewa <jerz...@interia.eu> wrote: > I like to start a conversation about secure email provider > If I start new email provider now, how to guarantee security and privacy for > user? > Understanding limitation of email of course!
Within the existing email standards and limitations the world uses today... Mail services cannot guarantee this, only the user can, and every service that tries to take/manage responsibility for the user's cleartext body is both lying and a failure waiting to happen. The user cannot trust any code provided by the service or give any secret key material/access to the service. They must encrypt on their own locally with OpenGPG, EnigMail etc and then insert the output into the mail transport. > Is there some "best practice" for secure email service? > Do not host in U.S. is obvious but what more? The only thing a mail provider can do is apply privacy centered systems best practice. Logs, crypted transport, access, location, policies, peering with other mail services, etc. Because almost no one does this, there is lots of room for new providers to get these basic things right. And the demand for it just went up. If you get that right, and if the user encrypts, then only the delivery metadata remains as unfixable. Unless you hold a kill switch and burn the spool keys when things get spooky. > Lavabit method was it seems not enough. We don't know enough about the case to say yet what it was or wasn't 'enough' to be up against. We do know the system required the user to trust the service with key material (passphrase), which yields failure every time. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
