Secure Webmail Providers?

Rainier Wolfecastle asks: "I am looking for information on any webmail providers that support PGP/GnuPG encryption. Up until now I have been using Lok Technology's excellent service, but it appears that they have gone out of business, since their site has been unreachable for over two weeks now. I am aware of Hushmail, but that doesn't work well under Linux. I am considering using Name.Space's LokMail service (based on Lok Technology's..er...technology) but I was wondering if anyone out there has any other suggestions. Free email is coming to an end, and if I'm going to pay for it (which I don't mind at all) then I want a decent product."

Problems with Encrypted Webmail

[pete-classic]

Encrypted webmail is a tricky issue. In the final analysis you basically have to use a passphrase that is so good that you don't mind having your (encrypted) private key publicly available.

Consider that the webserver admin(s) will have access to the encrypted private key. Also consider that the webserver (process) has read access to the key. The upshot is that if anyone gets root access to the box, gets a shell under the webserver's UID, or convinces the webserver to serve up a file that it is supposed to have read access to, the only thing between your private key and an attacker is your passphrase.

I find all this unsettling to the point of believing that it can't be safely done.

If anyone knows any better, please fill me in.

-Peter

Re:Problems with Encrypted Webmail

[ehetzner]

You're correct, but I don't think that it necessarily has to be that much of a problem, if it is made clear that the passphrase for your key is far more important than most others. You would have to ask people to remember a long, randomly choosen passphrase. Do not give them a choice. If you get 128 bits of random data, turn it into radix 64, thats a 22 letter passphrase (upper & lowercase, plus 2 other characters). Now, perhaps not everybody could memorize that, but even if it were written down & kept secure, it would keep most people's key reasonably secure.

Another solution could be to have 128 bit (22 character) key that is again encrypted by a memorized passpharse. The user could write down the key, but even if this were compromised, it would still be at least secure for long enough to generate anohter key (not public/private key) & passphrase.

Re:Problems with Encrypted Webmail

[pete-classic]

Are you serious?

I can barely remember my phone number. It is only 10 digits, and the first three are a gimme. I'm supposed to remember "iDclyWnIxwaJcSOWNLcj" or some junk?

And this has no real impact on the trust issue. What prevents the webserver admin from having the webmail software log all incoming passphrases?

I harp on this becasue if I can trust my mail admin (and you trust yours) half the battle is already won.

-Peter

Re:Problems with Encrypted Webmail

[anthony_dipierro]

Not if the passphrase is only given to the java applet. Of course that's only useful if the java signing key is on a separate computer, and you've code reviewed the source code of the applet yourself before signing it.

Re:Problems with Encrypted Webmail

[ehetzner]

Yes, I'm serious. Have a java applet which does enccryption on the client computer. This is what hushmail does.

If you read my post, you'd realize that I suggested that a person could write down their key. I myself don't consider this much of a problem if you keep it secure on your person. Or if the key one writes down is encrypted with a passphrase which could be memorized.

Web mail with i18n support - any?

[bertilow]

Going slightly off-topic here:

Has anyone found any web mail service that handles texts in various character encodings - notably Unicode - correctly (or at all)?

I'm really amazed how badly Hotmail et.al. handle i18n. Any message is treated as if it's in "iso-8859-1" (Latin 1, Western), and all information about the actual character encoding is just stripped off.

Correctly would of course also mean "without using HTML in e-mail messages".