[Freedombox-discuss] Idea for cross freedombox email system not leaking metadata

Jonathan Wilkes jancsika at yahoo.com
Mon Oct 20 22:14:01 UTC 2014


Bjarni,
What options are you exploring for funding?

Unfortunately, I do not have any suggestions.

-Jonathan



On Monday, October 20, 2014 3:54 AM, Bjarni Runar Einarsson <bre at pagekite.net> wrote:
 


Hi Jonathan!

Jonathan Wilkes <jancsika at yahoo.com> wrote:
> Does your design include perfect forward secrecy for the pairs
> communicating over SMTorP?

We recommend using TLS over the Tor circuit, and will probably recommend
using a cipher which provides PFS.

However, encryption of the messages themselves (if they are encrypted)
is using OpenPGP, which does not provide PFS. So if the user signs the
message, there is no deniability.

> Also, what is your plan to sustainably fund the GUI work, user studies,
> and the work on professional documentation?  (I.e.,
 those aspects which
> tend to get little to no attention in a free software community like
> this one.)

This is one of the hard parts of the project. We funded our first year
of work using an IndieGoGo crowdfunding campaign, but that is not
sustainable. We're exploring our options and are optimistic, but it is
not a solved problem yet. If you (or anyone) has recommendations on this
front we're all ears.


- Bjarni

-- 
I make stuff: www.mailpile.is, www.pagekite.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20141020/068da2b1/attachment.html>


More information about the Freedombox-discuss mailing list