encryption

[Felipe Figueiredo]

On Tuesday 08 May 2007 17:59:39 Bart Silverstrim wrote:


> > You could probably solve this with a simple script, depending on your 
> > particular configs (maildir x mbox, MUA(s) of choice, interoperability, 
etc).
> 
> Laptop uses Mail.app, Linux system is using Thunderbird, Outlook is used 
> on the Windows system.  I would be willing to try out Balsa or KMail if 
> they have good IMAP support and support for decent filtering rules...I 
> just had the impression that Thunderbird was actively developed and 
> flexible.
> 
> The main problem I saw was making sure I had a key on all three systems 
> that was sync'd up.  Lose the key, lose the email.  Ideally I could use 
> a system that would use an algorithm each could use (like Blowfish) and 
> would base it on a password that is prompted, like interactive SSH 
> sessions.  That way I could encrypt the messages using a password at 
> either the startup of the mail client or when encrypting the message, 
> and the end recipient would also have a password to decrypt it.

It should be easy to find a way to make each MUA you use to look for the key 
in a USB key, should you find this acceptable. 

I think (though may be wrong) blowfish is intended for personal security, 
while openpgp is intented for secure communication between peers, since they 
would both need to know a password in order to use it. Although I would think 
it would suit you better semantically, I don't think it will be easy to find 
an implemented solution for this in MUAs, since it is semantically apart from 
it's main objective (that's also only my opinion). I never heard of such an 
implentation, so this is why I think what I suggested is easier. Should you 
prove me wrong, I'd surely like to know.

regards
FF