Hacker News new | ask | show | jobs
by robrtsql 2609 days ago
> Librem Mail. Main Features: Safe (We delete unencrypted emails after 30 days)

I don't understand encrypted email very much at all. Is encryption on emails that I have received controlled by the sender? Almost all of the transactional emails I have received (receipts, confirmation numbers, etc) are probably unencrypted, right? This doesn't sound desirable.
2 comments
groovybits 2609 days ago
PGP is a two-party system. The sender has a public/private keypair, and the recipient has a public/private keypair.

The sender encrypts a message with the sender's priv key and the recipient's pub key.

The recipient decrypts the message with the the sender's pub key and the recipient's priv key.

> Almost all of the transactional emails I have received (receipts, confirmation numbers, etc) are probably unencrypted, right?

Totally up to your email provider and a sender's email provider. Your provider may choose to send/accept email over TLS, which is also encrypted. Gmail, for example, does this.

link
jolmg 2609 days ago
> The sender encrypts a message with the sender's priv key and the recipient's pub key.

You just need the recipient's public key to encrypt. Are you thinking about the sender adding a cryptographic signature, too?

> The recipient decrypts the message with the the sender's pub key and the recipient's priv key.

You don't need the sender's public key, just the recipient's private key to decrypt. Though, if there's also a cryptographic signature from the sender, then you would need the sender's public key to verify the signature.

link
groovybits 2608 days ago
I was attempting to explain in a simplified manner, since OP said that they did not know much about email encryption. But if you want to be semi-technical about it:

Both the sender's and recipient's public keys are required to calculate a shared secret. That shared secret is then used to encrypt the message. The recipient's priv key is used to decrypt the message.

Edit: Validating a digital signature is typically part of the process when using all-in-one software (eg: Thunderbird's Enigmail extension). That is why I mention the use of private keys. Again, an oversimplification on my part in response to OP's statement "Is encryption on emails that I have received controlled by the sender?", which is false.

See: https://tools.ietf.org/html/rfc4880#section-2.1

link
thomastjeffery 2604 days ago
Yes, that is the detail that was glossed over.

The difficult part is for the sender to get a copy of the recipient's public key. In practice, a sender will always sign with their private key, since they can just send a copy of their public key with the message.

I think GP thought it necessary to give a complete example, but not a complete explanation.

link
jammygit 2608 days ago
Almost 100% of the email aimed at most people does not use PGP, and thus temporary in this scheme. That means that it gets deleted every 30 days. However, doesn't that only mean that the librem One user loses their copy (unless they made a backup), but the other party gets to keep theirs?

What am I missing that causes this to make sense as a feature?

link