[messaging] Axolotl for email

Vincent Breitmoser look at my.amazin.horse
Thu Jun 9 12:15:35 PDT 2016

> b) synchronizing the complex and changing keystore (pairwise state
>    between all correspondents) between multiple e-mail clients, since
>    many people use multiple MUAs to access a single mailbox

The obvious place to put the data is the mailbox. Mail servers via imap
are pretty okay at synchronizing immutable blobs of data, so it should
be possible technically to achieve synchronized state among all MUAs.
We can also get confidentiality and integrity for this data with a
secret shared in all MUAs, like the user's pgp key.

But I think there's a catch: We can never reliably *delete* data from
the server. This essentially breaks the properties we gain from key
erasure ("forward secrecy") in the first place. That's a huge problem,
and I'm not sure there is a way to work around it. At least not if we
want to be able to read mails from a session established by one MUA in

 - V
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20160609/29e6bfe4/attachment.sig>

More information about the Messaging mailing list