From: Joe Crescenzi
, Founder - Staten Island, NY
Local, but passwords are still required.
You have to look at the two distinct parts of the idea.
1. Spam Free
A closed, invitation only system would guarantee #1, Spam free emails, because you could only send and receive emails between members who accept your invitation.
Encryption is not essential to a Spam free system, but for those who absolutely need truly secure emails, the encryption keys would never be stored on the server.
On the positive side, if the server is hacked, as it was with Sony, every email would remain totally unreadable, and therefore secure. Since each email was scrambled before sending, the server's only role was to send and receive the already encrypted email.
You can think of this as a P2P email system. Servers only facilitate transfers between parties, but they never have access to the keys.
On the local side, the user will be required to enter a secure password, which unlocks the security keys for the session. Although this still leaves room for access if that user shares the password, it's far more secure than when somebody hacks a server, exposing countless accounts.
On the downside, if you forget your own password, there would be no way to unencrypted the local security keys, so you would lose access to all the original emails. That may sound like a real big negative, but for some people, that's a small price to pay for truly secure email... with "Plausible Deniability" if you are asked to release emails that you don't want made public.
(Like Reply N/A) [0 Likes]