[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Java power



[in retrospect, not much direct crypto relevance in my reply]

Raph Levien writes:
>    Another scenario which works is email, even including transparent
> encryption. This one is interesting to me, so I'll go into a little
> more detail.
>    In this scenario, the server acts as a file server for keyrings
> (both public and secret) and mail spools. Here's a typical sequence of
> events for me getting my mail and replying to one message:
> 
> 1. I call up the JavaMail web page, which is just a wrapper for the
> JavaMail applet.
> 
> 2. The JavaMail applet starts with a forms-style login screen. I type
> my username.
> 
> 3. The applet asks the server for my mail spool (given the username
> and perhaps also a password for authentication).
> 
> 4. The applet displays my mail spool on the screen and lets me fiddle
> with it, scrolling through it, reading messages, etc.
[...steps 5-10 elided...]
>    To me, this is an exciting scenario. Note that, as long as you
> trust the browser, this lets you read your mail from anywhere.

I'm trying to mentally compare this scenario with the use of a 
cryptographically-outfitted mailer operated through an encrypted telnet 
session. 

First of all, I suppose the browser has groovy bells and whistles to spice
up reading email. Maybe you could run a snazzy GUI standalone mailer in some
windowing protocol through the encrypted telnet link as an alternative. This 
is largely irrelevant to me personally, but could make a huge difference to 
the hoi polloi.

Ignoring such interface concerns, what kinds of situations would be conducive
to the JavaMail approach but not, say, ssh+Elm+PGP ?  Perhaps I'm visiting
someone where there's no local POP for my ISP. The friend I'm visiting has 
e.g. an AOL account. I would like to read mail on my remote account via her
AOL browser. Am I wrong in assuming that I couldn't execute a telnet: URL
with the AOL browser ?

-Futplex <[email protected]>