[jlgaddis]

As others have pointed out, SIM cards are basically smart cards. There's PKI, private keys, the ability to perform mutual authentication (although that's not usually done, at least in .us), and much more.

Honestly, I wish their use would expand into other areas of our lives -- replacing username and password combinations for various devices (working for an ISP, home routers are one good example).

As much as I'm against the idea of a mandatory "national ID", I'm convinced that it will happen someday (in .us, where I live). When it does, I believe it'll be something similar to US DoD's CAC [1]: a physical identification card that doubles as a smart card. The private keys stored on the card will allow you to prove your identity to your banks/financial institutions, e-mail account (100% encryption of all e-mails? Yes, please!), and so on.

[1]: https://en.wikipedia.org/wiki/Common_Access_Card

[jacquesm]

The national ID thing happened long ago, the thing that is on the verge of happening is 100% digital communications and interaction with the government.

[rocqua]

Sadly, encrypting e-mail will break all current anti-spam methods.

[jlgaddis]

Not exactly. Some methods won't be nearly as effective (such as filtering on the message body) but others (such as SPF, DKIM, and RBLs) will still work just as well as they do today.

Now that I think about, just the encryption itself will increase the computational cost of sending out spam e-mails. While today a spammer can blast out an e-mail to 100 recipients very quickly, it'll take a fair bit longer to do once the spammer has to query and retrieve 100 public keys (one for each of the recipients) and then encrypt the e-mail 100 times over.

[rocqua]

A large part of spam detection remains machine learning on message bodies. Something this would make impossible.

As for encrypting the e-mail 100 times. AES acceleration is great in CPU's, and you can cache public keys. The only real-ish bottleneck could be key-generation.

That said, someone else had a decent idea. Require white-listing for encrypted e-mail.

[pYQAJ6Zm]

An intermediate solution?: All encrypted email senders have to be while-listed by the receiver. All clear email will be allowed by default, and usually be the first way of reaching somebody, either for legitimate or illegitimate (spam) purposes.