Month: April 2018

Re: [trinity-users] Re: Kmail-TDE-PM-pgp

From: Gene Heskett <gheskett@...>
Date: Mon, 30 Apr 2018 11:07:07 -0400
On Monday 30 April 2018 09:20:20 William Morder wrote:

> On Monday 30 April 2018 04:33:18 deloptes wrote:
> > William Morder wrote:
> > > I think that's what I said. There are two (or maybe three)
> > > different issues here, which it seems are getting conflated by how
> > > we keep talking about it. Number 1 is encrypting our own emails
> > > sent by TDE's version of Kmail, using our own private keys. Number
> > > 2 is using an encrypted email service, which not only encrypts
> > > emails in transit, but also encrypts everything on the server, as
> > > well as Number 3, (which was pointed out by others) encrypting
> > > headers, addresses, etc.
> >
> > How does this would differ in terms of security compared to SSL/TLS?
> > The mail servers already use TLS.
> > If you don't control the private key, you don't control the readers,
> > so IMO it is not a point
> The point is that not even the admins on ProtonMail can read the
> content of emails, or anything stored on their servers.
> This is unlike Gmail (for example), who also use SSL and TLS, but
> obviously they have some kind of automated way to read the content of
> our emails and know who are all our correspondents.
> And I don't imagine that my Zoho account (or any other) is much better
> in that regard. Zoho is better only in that they do not bother me with
> useless hoops to keep jumping through; whereas in the case of Gmail, I
> kept getting shut out of my own accounts, merely because I sometimes
> logged in from different locations.
> > > My own problem is that I have correspondents who talk about
> > > wanting to use encryption, but don't seem to know how to do it. I
> > > can send encrypted emails, but they don't seem to be able to read
> > > them. They can send encrypted emails, but then I can't read them.
> > > And those who claim to know what they are doing are generally too
> > > busy to spend time on getting it right.
> >
> > Not only your problem, but we can not force anyone to use something
> > - if they want, they can. If they can not - they don't want. My
> > personal experience shows that people that really need it, also use
> > it.
> Yeah, there's the rub. *SIGH*
> > > So perhaps a few of us (here on the TDE list) could work this out
> > > among themselves, if they can find somebody that they trust?
> >
> > This is the point. When you really want to trust someone, you
> > probably would meet him/her and exchange keys face to face.
> This is super-paranoid, yet also correct. I have various tricks for
> communicating, which do not depend on anything to do with computers or
> networks, but rather use items in the real physical world. (This is
> just for communicating in case of an emergency, when other means are
> not trusted.)
> I just want to be sure that some of my friends, who live in places
> that are more dangerous than the US, UK or EU, do not suddenly
> disappear. What may seem perfectly innocent here is not necessarily
> perceived in the same way where they live.
> > Anything else is somehoe
> > dubious - but can also work if the one can confirm his/her key.
> > The point is that the verification can not be replaced by a machine
> > or application. You and only you are entitled to mark the key as
> > trusted.
> >
> >
> >
> > I include my signature on purpose now. It does not make any sense to
> > encrypt messages destined to the user group. But this is an example.
> >
> > > Otherwise, you have right there the need for using ProtonMail or a
> > > similar email service.
> >
> > I still don't see any advantage, except that the server is secure
> > and not under US or EU law. Which means the probability to shut it
> > down, or confiscate it, like it happened in US is much lower.
> >
> > regards
> Well, at least your email came through here as an encrypted message.
> But yes, it makes no sense to use encryption for the mailing list
> (except for testing purposes, which is what I meant). All our messages
> here are published online, for anybody anywhere to read.
> I have generated my key, but somehow or other Kmail doesn't want to
> send when it is signed and/or encrypted.
> Bill
Heck, I've fooled around because I do get signed messages, but I've yet 
to figure out how to get a successfull verification that the signage is 
correct. Setup needs help with setup.  Humm, isn't that a circular 
dependency? ;-/

Cheers, Gene Heskett
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <>