[pdx]

That's fair, and I do not want him to stop warning us. I recognize his expertise.

I just feel that these sorts of criticisms, that are not sandwiched with at least a little positive message, are keeping people paralyzed in gmail and yahoo and msn while they wait for perfection.

[tptacek]

What positive message are you looking for here? Are you just glad people are trying to protect people, even if they're failing?

[read]

tptacek, can you suggest a design for end-to-end email encryption delivered through a browser?

As theboss mentioned [1], is:

(a) browser crypto theoretically impossible, is it

(b) that something's practically from browsers today (like build-in crypto code) for a practical solution, or is it

(c) that existing attempts have not attempted to do something that is theoretically possible?

If I understood you correctly, you alluded verification might be possible [2] but it seems there isn't yet a clear description or understanding of what's possible and what's not.

[1] https://news.ycombinator.com/item?id=7757892

[2] https://news.ycombinator.com/item?id=7757678

[tptacek]

Verification isn't possible in modern browsers. This is an inherently hard problem, one that has caused some people who've launched carefully-designed encrypted mail systems to abandon the effort.

[read]

Am I understanding you correctly that verification IS possible in browsers, just not the existing modern ones (e.g. because of limitations in the existing modern ones) and that browser crypto is possible?

(I recognize it might inherently be a hard problem, but hard does not equal impossible. I also recognize there are benefits to a simpler solution that can outweigh the benefits of a harder solution.)