Is mass adoption of secure email possible?
25 years after the publication of PGP and we are still failing on encrypting email. Few people use OpenPGP today, 3 years after the Snowden revelations. Why did we fail up to now on getting email encryption mass adoption? We used to create over bloated tools that required great knowledge on cryptography to be used. As trainers we used to scare people by showing every tinny detail of the crypto. As users we had fail on seeing the need of secure communications. It looks like now there is interest on using secure email. Trainers are changing focus like the cryptoparties that now are less technically scary or documentation like ssd.eff.org more oriented towards simplicity. Many projects are working on making email encryption accessible like whiteout, tutanota, mailpile or leap. There is still technical challenges to fix. The way we use OpenPGP to encrypt emails leaks tons of metadata. Email headers like the subject are not secured. Connections between servers are easily eavesdrop by active attackers. Can email be saved or should we forget about it and create another communication protocol? There is many projects working on redesigning email from scratch like pond, bitmessage or dark mail. But today most people already have an email account, will be hard to create a new protocol incompatible with it and get it adopted massively. I will give a fast overview of the status of secure email today and open a debate to discuss about it.
|Is mass adoption of secure email possible?|
|Presenter/s||dkg facilitating talk!|