[messaging] Pond-like tokens for email (was: TOFU to ease PGP key discovery)

Trevor Perrin trevp at trevp.net
Tue Feb 10 22:52:20 PST 2015


On Mon, Feb 9, 2015 at 5:13 PM, elijah <elijah at riseup.net> wrote:
>
> (4) Metadata, mega woes. There are many approaches, but Pond's is
> probably the best. The cool thing is that direct delivery to recipient
> provider can be an opportunist option when the recipient supports it.
> LEAP is one of the parties that will soon start on the PANORAMIX project
> from George Danezis to develop and deploy a new mix network
> infrastructure. We plan to use this for user -> server direct delivery
> of email (in addition to server-to-server).

This seems important, let me try to unpack it:

By Pond's approach, I think you mean recipients hand out one-time
delivery tokens to their senders, so their mailbox can accept messages
or blacklist senders without learning the sender?

I like that too, hopefully it could serve as an antispam mechanism
that doesn't need plaintext scanning or sender reputations.  So it
would allow encrypted messages to flow in an email-like environment,
and also enable direct delivery between (potentially anonymized)
senders and the recipient's mailbox.  So delivery over Tor becomes
possible (or something better - perhaps higher-latency - than Tor.
PANORAMIX sounds cool, hope to learn more).

The hard part is provisioning initial tokens.  I'm not enamoured of
Pond's "PANDA" - some people like it, but I think having to agree on a
shared secret with your correspondent = yuck.  So it would be nice to
have other options.

I think one option you're suggesting is an "in-band" exchange of
tokens (similar to bootstrapping encryption off an in-band exchange of
public keys).  This wouldn't hide the fact that people communicated
once, but after an initial email exchange, further communications
would be opportunistically encrypted and sent over the anonymity
network.

Anyways, that's a great bundle of ideas - it seems promising to try to
apply delivery-tokens more broadly, and to find other ways of
initially provisioning them.

Trevor


More information about the Messaging mailing list