[kwlug-disc] Secure email alternative

[Paul Nijjar]

> 
> >>Yes, I understand that this is an odd set of requirements. Does such a
> >>thing exist already? I am not sure what search terms to use.
> 

> Seems like your own mail server is what you want. Host one with no
> web interface. You could force it to use passwordless SSH to
> register and login. Use TLSv1.2 and SASL to encrypt in transport.

> You did not state requirements for data encryption, so all the boxes
> are checked.

Huh. That is interesting. I had not thought about setting up an email
server that only supported local delivery. That could work nicely for
this use case. 

> >The default async behaviour of mod_offline ("if I have no record of
> >active presences, store and forward at next sign in") is enough for
> >daily use, and is a primacy reason I advocate XMPP over IRC. But
> >you can install https://modules.prosody.im/mod_mam.html and/or
> >https://modules.prosody.im/mod_smacks.html to give better
> >asynchronous guarantees (without this, clients dropping offline
> >improperly may lose messages sent in the window before the server
> >realizes). Caveat: MAM doesn't work with Pidgin/Adium yet. Bonus:
> >MAM lets clients in principle forget all history and only query it
> >online as needed, much like an email client.

I also like Nick's proposal. I also had not thought of XMPP as supporting
asynchronous communications before. 


> >Bonus: Gajim and Conversations (sadly not Pidgin/Adium nor Monal)
> >speak the experimental OMEMO protocol which gives multi-device
> >asynchronous end-to-end encryption so the admins *can't* snoop, if
> >you train your users to turn it on. More clients support OTR, but
> >that's decidedly *not* asynchronous.

This might be a good option too. 


> >Good luck. Tell us how it goes.

Unfortunately, this might not go anywhere. I am in the research stages
now. But if I implement something then I will probably let KWLUG know.

- Paul 

-- 
http://pnijjar.freeshell.org