undefined | Better HN

0 pointsfloatingatoll6y ago0 comments

> How do you solve the "won't read my emails" problem?

Have the user generate a device-local SMIME certificate for <diary@wherever.com>, register their certificate's public key with the server, have the server generate a mobileconfig that enforces SMIME when emailing anyone, and then in Mail.app change the From: address to <diary@wherever.com> when emailing the diary address. iOS will remember that From change and use SMIME to encrypt all diary messages to the public key in your keychain (which the server can't decrypt), the server can reroute the incoming mail back to you using your private key, and your device-local key is the only one capable of decrypting.

Since you're using SMIME, you'll need to use IMAP for your data store, which provides perfect compatibility to any platform that can do SMIME key generation. I'm very curious if SMIME-encrypted emails can be used as encrypted Notes on iOS, now that Notes supports IMAP accounts :)

0 comments

3 comments · 1 top-level

baby6y ago· 2 in thread

Hey! S/MIME is broken (see eFAIL) and I don’t believe there exist any mitigation’s to the attacks that have been published.

tl;dr: there exist ways to read your emails without knowing the private keys.

floatingatollOP6y ago

eFAIL documents a series of client implementation errors in a 2018 paper that allow attackers to exfiltrate plaintext by emailing you your own encrypted messages with an attacker payload.

Diary site implementations will need to carefully evaluate whether this is relevant to them or to their users, who may well have been fine emailing plaintext to begin with (if you want an encrypted diary, you probably aren’t going to use email to write in it), before they assume that it’s a concern and begin testing email clients.

baby6y ago

IIRC this is true for PGP but not for S/MIME which was broken at the protocol level.

j / k navigate · click thread line to collapse