[Standards-JIG] Thought about serverside messages archives

Nolan Eakins sneakin at semanticgap.com
Sun Apr 16 06:20:13 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Olivier Goffart wrote:
> Possible solution: Asymmetric encryption, The server know the public key and 
> automatically encrypt message.  (the key is exchanged using JEP-0050)

That would work on securing the *archive* on an untrusted server.
Although the server still has seen the raw messages and could be tossing
them into an AT&T/NSA secret closet.

So the only gain would be that the retained archive is secure from
getting seen by possible hackers. Then again, my email archive is
nothing but a directory filled with text files stored on a central server...

> And how to make a search ?
>    - force to have a local archive
>    - Send the private key to the server with the search request.

Future note: NEVER EVER SHARE PRIVATE KEYS!

>    - Use indexing on the server. 

Any implementation of searching an archive should probably use a decent
indexer. There's plenty of open source ones out there, but this needn't
be defined in a JEP.

>> 2. Autoarchiving is not compatible with the evanescent keys used for
>> secure end-to-end encryption - so you have to trust your server and your
>> correspondant's server.
> 
> Agreed, if JEP-0027 is used, searching will not work fine.

That could be a good thing. Off the record better be off the record, so
if the encryption prevents archiving completely then that might be a
good thing.

As for searching encrypted messages, you could always tag them. An index
may also prevent a document from being reconstructed. It would still be
possible to know that a message mentioned some word. Only the context
and order would be missing.

> Another JEP could contains a file format. 
> But file transfers between client anyway require both client to be running at 
> the same time, which we can't assume in general.
> And the average user doesn't change often his main client (and he doesn't need 
> to download the whole archive on each client he use)

The server can also initiate a file transfer too. Just wanted to get
that out there before client to client transfers get out of hand.

- - Nolan


- --
SemanticGap: To act as one (TM) -- http://www.semanticgap.com/
Instant awareness & messaging * Online presence design
Cross platform and agile development
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEQeIchuPszQVSPEARAvxTAKDFGjHt+D/29j6WEkQV/ABXj0HofQCcCjFn
jIVlwZPIaxcCv2hbAkDkKnY=
=bU5T
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sneakin.vcf
Type: text/x-vcard
Size: 207 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20060416/96d18bff/attachment.vcf>


More information about the Standards mailing list