Email Encryption

[ViperScale]

If you could install an addon for whatever email application you use that would basically use https type encryption method to encrypt any messages sent to others who have a registered public key / decrypt your own messages others sent to you encrypted would you use it?

Unlike most email encryption methods out there the private key would never leave your computer so they can't give it out to others even if the government was the threaten them.

[kjf]

TLS/SSL (https) is a transport layer encryption method. That exists already for communications between your client and mail server.

s/mime or PGP are what you are looking for depending on the mail client you use.

For example, if I sent you a message signed with my s/mime certificate, you would then be able to send encrypted messages back to me that only I could open. If you signed the message you sent back to me, I could send encrypted messages back to you.

Mail headers and such are not encrypted. That is a failing of the e-mail system in general. TLS connections between clients and servers helps a bit there as snooping parties can't read the headers in transit.

[ViperScale]

TLS/SSL (https) is a transport layer encryption method. That exists already for communications between your client and mail server.

s/mime or PGP are what you are looking for depending on the mail client you use.

For example, if I sent you a message signed with my s/mime certificate, you would then be able to send encrypted messages back to me that only I could open. If you signed the message you sent back to me, I could send encrypted messages back to you.

Mail headers and such are not encrypted. That is a failing of the e-mail system in general. TLS connections between clients and servers helps a bit there as snooping parties can't read the headers in transit.

Naw i am currently playing around with some different ways of just encrypting content of the message. I know you will never be able to hide source and destination of where an email is going. I am looking at setting up an encryption method that lets you send the content encrypted to anyone using a public key that is posted for others to use.

Simply i am looking at building an outlook addon that when you click send it looks up for a public key for the email you are sending to and then automatically encrypts so they are the only one who can read (without going through the sending and getting signed email to start with). Most other encryption methods i have seen require creating being setup with some 3rd party system that has access to look at your messages if they wanted.

[kjf]

I gotcha.

You could try automating a lookup against this database:

https://keyserver.pgp.com/vkd/VKDHelpPGPCom.html


I couldn't find anything similar for s/mime