[messaging] is E2E webmail commercially feasible? (was Re: The Simple Thing)

Andy Isaacson adi at hexapodia.org
Sat Sep 27 05:29:46 PDT 2014

On Thu, Sep 25, 2014 at 01:48:06AM -0700, Trevor Perrin wrote:
> Bigger question:  Is this a route to widespread OE?  Or is this
> something only a tiny fraction of users would turn on?
> Widespread OE for email seems hard.  Much of the userbase is on
> browsers, relying on ad-funded infrastructure and server search.
> Worse, to manage spam it seems like email has evolved to be fairly
> hostile to content encryption, identity-hiding, and
> relationship-hiding.
> So if we're not attempting OE, and we just want email-like messaging
> for the small population that will install special security tools, I
> guess I'm not sure why should build those on email at all (vs
> Pond/Petmail, SMTorP, etc.)?

I wonder if this is completely true.  I've been quite pleasantly
surprised by the pro-privacy rhetoric and actions coming out of
traditionally user-privacy-hostile shops like Apple, Microsoft, and
Yahoo.  I don't know for sure, but I suspect that some of the other
stack vendors have identified a weakness in Google's business model and
are attempting to exploit it.  (It seems to me that Google is *really*
good at monetizing user's data by looking at it in aggregate.  If
another vendor gets only a small benefit from that monetization because
they're not as good at it, then one business ploy is to take away your
competitor's advantage by making that monetization more difficult.)

If it is true that Hotmail or Yahoo were willing to forego revenue from
content sensitive advertising, it might be possible to build a business
case for in-stack OE with E2E semantics and an interoperability story.

As a case in point, Apple does seem to have built an actual E2E secure
iMessage. (To my great surprise.)

Solving the business case for E2E email still leaves us with the search
problem, though.  I've got no bright ideas for how to solve that.


More information about the Messaging mailing list