>You build it on SMTP because upgrading clients is easier than doing a clean slate redesign of ubiquitous internet protocols.
Why not just toss the whole shebang and rebuild it below that layer? Signal Protocol seems to be pretty successful here.
>Presumably we're discussing how an open protocol addition might gain any traction at all over walled garden protocols like Slack
No, I'm asking how a new open protocol can be built on top of email in a way that maintains strong backwards compatibility while offering strong security guarantees, like end-to-end encryption. I don't think it's possible.
> No, I'm asking how a new open protocol can be built on top of email in a way that maintains strong backwards compatibility while offering strong security guarantees, like end-to-end encryption. I don't think it's possible.
That's exactly what Autocrypt is doing. They're still at level 1, ie opportunistic encryption: try to encrypt if possible, default to plain-text if not. That's 100% backwards-compatible.
What we all want is a system where we are sure that messages can't be sent in plaintext. The only way this can happen is if MTAs actually read messages and check if encryption is applied; if not, reject it. That's something that can happen but by definition it can't be backwards-compatible.
> No, I'm asking how a new open protocol can be built on top of email in a way that maintains strong backwards compatibility while offering strong security guarantees, like end-to-end encryption. I don't think it's possible.
You can't have strong security guarantees with backwards compatability, because backwards compatability requires plain text sending.
Unless you're OK with limited guarantees like the UI will tell you when the mail could be sent in plain text. Or if the UI tells you the message will be end to end encrypted, it won't fallback to plain text, etc.
>You can't have strong security guarantees with backwards compatability, because backwards compatability requires plain text sending.
That's right.
>Unless you're OK with limited guarantees like the UI will tell you when the mail could be sent in plain text. Or if the UI tells you the message will be end to end encrypted, it won't fallback to plain text, etc.
Not really, the old clients would never send (or receive) end to end encrypted messages, so they don't need new UI to tell you that. That's the cost of unbounded backwards comptability.
If you want to have 100% coverage of email users, changing all clients is part of the deal. But, uhhh, good luck with that. Server based standards are an easier lift --- you could build a standard to require hop to hop encryption on mail and expect that to plausibly gain enough adoption to use over a managable time frame. Of course it would be trivial for a hop in the delivery path to subvert that and remove the request, and all hops in delivery would still have message content access; but if people like it, a large majority of servers might support it in 5-10 years.
>Of course it would be trivial for a hop in the delivery path to subvert that and remove the request, and all hops in delivery would still have message content access; but if people like it, a large majority of servers might support it in 5-10 years.
You're describing TLS, and this is already happening.
Not just TLS, but a way to say, while composing a message, if it's
can not be delivered via TLS with a valid certiticate, then don't deliver it. Which apparently already exists as REQUIRETLS https://www.rfc-editor.org/rfc/rfc8689.html
Published November 2019. I didn't see any data on support, and hadn't heard of it before looking just now.
Why not just toss the whole shebang and rebuild it below that layer? Signal Protocol seems to be pretty successful here.
>Presumably we're discussing how an open protocol addition might gain any traction at all over walled garden protocols like Slack
No, I'm asking how a new open protocol can be built on top of email in a way that maintains strong backwards compatibility while offering strong security guarantees, like end-to-end encryption. I don't think it's possible.