gruene.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Die Mastodon-Instanz für BÜNDNIS 90/DIE GRÜNEN, betrieben von Netzbegrünung e.V.

Administered by:

Server stats:

541
active users

Konstantin Weddige

Have you ever wondered what it means when you get an email that is encrypted but not signed? At the very least, it's better than being completely unencrypted, isn't it?

It turns out that's not necessarily the case. I've looked at S/MIME and found that it is possible to construct messages that, when sent to multiple recipients, are decrypted into completely different messages:

lutrasecurity.com/en/articles/

lutrasecurity.comSalamander/MIME – Lutra Security
More from Konstantin Weddige

I presented my findings yesterday at . The talk has been recorded and I'll post a link as soon as it's online.

Thanks to @sophieschmieg for giving me the idea to look into this.

@weddige We tried setting up S/MIME encryption and signing in preparation of GDPR. While we did get it to work, it was so user-unfriendly, we never even tried to get our clients to use that.

@jernej__s the usability of S/MIME (or email encryption in general) is terrible.

I believe that if we want to ever see widespread adoption, we need something like "Let's Encrypt" for email: A free service that provides certificates with basic email verification and automation to deploy it.

With the prevalence of web mailers, a (good!) certificate manager in the browser with a standardised web API for websites to use the certificates probably would also help.

@weddige Getting the certificates was probably the easiest part of procedure.

@jernej__s @weddige We‘re using S/MIME since very early on in our team @pixolus and it is mostly working seamlessly - on macOS, iOS and Android. However, over 10 years of our existence, a single external party used S/MIME as well - and they had a broken implementation. No external party used GPG. It‘s a bit frustrating.

@weddige just a heads up your images are cut off horizontally on mobile

@sdubinsky thanks, I'll try to fix that tonight.

@sdubinsky it's fixed now. I added a scroll bar if it's too big.