> SMTP, the protocol for sending email, rarely enforces TLS (if it’s even supported at all)
FWIW that's being less and less true. Major players like Apple now automatically trash mail (I don't remember if it was marked as spam or bounced) if you try to send them a mail without TLS. I recall Gmail published something similar for Workspace? And I'm sure others will follow/already have, so you can probably also turn that knob for your own servers too and refuse plain mails -- with a bit of luck that'll bounce off some spam.
(This doesn't change the fact that any admin over there can probably read anything you send to someone there, I don't know.)
EDIT: oh, according to this ( https://old.reddit.com/r/crypto/comments/1q4arv5/everything_... ) enabling TLS doesn't check the host name matches anything sane? So TLS doesn't actually bring in anything, wow...
I remember old XMPP clients had an interface to send different kinds of messages. One was for chats and one was like a message with subject and so on. When OMEMO arrived I always wondered if that could be used to make a mail-like system, with chats and mail-like conversations with subjects.
Discussion 3 days ago (8 comments):
https://news.ycombinator.com/item?id=46492810
If you are really concerned about someone making a mistake and sending mail out unencrypted, just send out an attachment with an encrypted PDF. There are many ways to create one.
On Linux/*BSD you can use qpdf to encrypt any PDF. Maybe LibreOffice has an option to create an encrypted PDF.
I remember seeing this presentation a few years ago on the security of PDF encryption: https://media.ccc.de/v/36c3-10832-how_to_break_pdfs
I think this is a quick summary of one of their findings: https://pdf-insecurity.org/#how-to-break-pdf-encryption-nove...
This is perhaps something to be aware of.
> One of the main reasons I recommend Signal is because there is no plaintext mode to accidentally use.
We were talking about _email_.
Yes, and highlighting a failing in email that cannot be fixed, but which is addressed in other services where confidentiality is desired.
Email is not remotely comparable to Signal.
Email is a free, open source, strictly defined and consensual decentralised protocol.
Signal is a source available app and server that is not decentralised and represents a walled garden. Signal is centrally controlled by OWS.
In the context of sending something.
No need to get pedantic