gemini://tilde.team/~steve/blog/2021-10-27.gmi

I have some thoughts about email or messaging in general. Say we identify ourselves using GPG so I can send someone a secure message by encrypting it using his public key. Now I put this file in his inbox folder KEY://inbox/ which is write-only. I recon messages traffic frequency should be private.

Is it weird that someone is able to put a blob on my computer? Well, first we define a users graph such that you can send me a message ONLY if you are my friend, which is another way of saying there's an edge between us in some graph. This is a form of allow list which will prevent a LOT of spam. We'll discuss the graph later. Next, is having a file saved locally without permission an issue? I can think of desktop email clients who download attachments automatically. Another example: if one runs a self-hosted email server, the emails + files are saved on that server. Maybe the difference is that a self-hosted server is there; it's not my real computer but files can infect the email server which is part of my local network by definition.

Finally, if you find yourself still bothered by people in YOUR network dropping encrypted files into your inbox folder we can suggest the radical change in point of view: the sender will have to ask for your permission which will include his name/identity and message size (meta data, but not subject); only after approval the message will be sent. This will be implemented on the sender's client; it will try every X minutes until delivery, a timeout or an outright refusal for delivery. Approval can be manual or automatic based on rules - allowlist, message size, messages frequency (no more than 10 messages per second...) and trust level (graph weights).

Asking the receiver for permission sounds extreme but it's very similar to subscribing to a newsletter, accepting a phone call or signing on a package delivery. We can turn messaging into a more deliberate, intentional and private form of communication.

What are the missing parts? We mentioned GPG identities. The peer-to-peer clients will communicate via a simple protocol, inspired by Gemini, secured by TLS. They will negotiate messages deliveries of GPG encrypted messages. A queue of unsent messages. Lastly the friends graph. I have some thoughts on that, but let's talk about it next time.

Offline Messaging 📬