The only way I can see of retrofitting end-to-end encryption into email is to us... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		cryptonector on May 27, 2022 \| parent \| context \| favorite \| on: Ask HN: Why XMPP failed and SMTP didn't? The only way I can see of retrofitting end-to-end encryption into email is to use DNSSEC / DANE. But this will require new MUAs. DANE for SMTP, however, has created pretty good email security -- hop-by-hop, yes, but it's much better than before.

tptacek on May 27, 2022 [–]

If all you care about is hop-by-hop security, you can accomplish that without DANE (which requires a forklift upgrade of DNS records across the Internet to work) --- this is why Microsoft and Google came up with MTA-STS.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact