💾 Archived View for bbs.geminispace.org › u › jeang3nie › 928 captured on 2024-02-05 at 14:40:28. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-12-28)
-=-=-=-=-=-=-
Re: "Thoughts on the draft spec"
Any way you encrypt it, the receiver must have the key to decrypt it. So the question becomes, how do you get the key to the receiver without sending it the the server first? It's the proverbial chicken and egg proglem. Pgp may suck, but it at least is a solution. Unless someone has a really actually nice solution I can't see making it a required part of the spec.
2023-05-24 · 8 months ago
🦀 jeang3nie · Sep 25 at 14:22:
The spec doesn't go into how mail is stored and fetched, only the transmission. Servers and clients are pretty much free to invent.
If I eventually finish my implementation, the general idea is for a multi user system where the users all have shell accounts, as they would on a Pubnix. You log in and can view your mail with a simple pager or text editor. That provides a really sturdy fallback. On top of that, a webmail like system could eventually be built that serves your mailbox over Gemini using the same pubkey you use to send mail for access.
Thoughts on the draft spec — Misfin is a nice idea, but I'm worried that it doesn't make sense to replace email with something lacking end-to-end encryption. A server on a multi-user system gets the plaintext of messages to its users. It's fine if you run the server on your own home server, but I guess that wouldn't be the typical configuration. I wonder if it would be feasible to work in a PGP-like mechanism using the same client key as in the client certificate... Some other little thoughts...