|
|
|
|
|
|
by brownbat
4605 days ago
|
|
|
Users don't do security, all of this should happen automatically in the background. When you hit send, a shared key should be negotiated with the recipient before your text leaves your box, without you really knowing it. The key could silently be negotiated on top of the same protocol through automatically generated emails containing key setup information in headers (but empty "body" fields). Specs for those key negotiation headers could easily go in an RFC, and systems that don't speak the language could then be shamed as noncompliant. |
|
|