This makes me want to get started again on my Go GPG library interfaces again, but I know I’ll forget about it until the next time.
Conversation
Use modern, secure cryptography instead. Secure messaging should be done with proper secure messaging protocols. Standalone authenticated file encryption should be done with github.com/FiloSottile/age. File signing should be done with signify/minisign which have libraries available.
2
4
Should use a proper secure messaging protocol with forward secrecy, proper verification tools, session cross-signing (if relevant), etc. for that niche.
Building it out of age + signify (or far worse, PGP) is a bad idea. Separately, building it on top of email is a bad idea.
1
1
So, sure, I’ll definitely buy the forward secrecy argument. It does conflict with the idea of files encrypted at rest (unless you e.g. derive the session key from a file password, I guess?), but I’ve not kept up my studies wrt forward security.
1
It doesn't conflict with it. You're also mixing up different use cases where the proper security properties require different cryptography and approaches. Authenticated encryption + signing of files does not give you a secure messaging system. It would be misuse of age+signify.
2
2
You can use Matrix as something that's federated and can replace email. It has built-in end-to-end encryption, key distribution, forward secrecy, cross-signing of sessions, etc. Far from perfect and leaks metadata, but not as much as email, and it's drastically better than it.
1
2
If self-hosting / federation are not an important requirement then there are more private messaging systems than Matrix not leaking nearly as much metadata to servers, etc. As a federated replacement for email though, Matrix is entirely suitable already. Email is legacy like SMS.
2
2
Securing email is hopeless. It has a ridiculous amount wrong with it and even deploying authenticated transport encryption via DNSSEC+DANE, server-based anti-spoofing via DNSSEC+DMARC+DKIM, etc. has incredibly low adoption and major groups fighting against deploying it at all.
2
2
You're falling into the trap of expecting security to be some absolute ideal. In reality there are always tradeoffs between security and convenience, and sometimes ways to improve one without sacrificing too much of the other.
1
1
Email is ubiquitous, requiring no prior contact.
Email is federated, anyone can operate their own email service.
Email is asynchronous, you can read it any time later.
Anyone can send you email just by knowing your address.
These key properties come with some inherent risks.
1
1
Those properties apply to Matrix and the only barrier to using it as a replacement for email is convincing people to use it instead. GrapheneOS has almost entirely moved away from email and IRC.
External people still occasionally contact us via email but we move that elsewhere.
I feel like email is mostly unavoidable, like faxes, but mostly for bad reasons. It can be tolerated, but it’s reasonable not to actively promote its use for new things (in the hardware world,
I’d call it NRND).
Email is not a chat forum, and a chat forum is not email.
If/when Matrix has the same ubiquity as email, it will have the same problems.
[I sometimes read email in my mailbox that's 10 to 20 years old. I've moved my IMAP mail store between servers, switched server software...]