Comment by takeda
As someone who used Internet in the 90s I don't follow. There was almost nothing encrypted.
SSL/TLS was introduced for POP3/IMAP, but I don't think that was bad.
As someone who used Internet in the 90s I don't follow. There was almost nothing encrypted.
SSL/TLS was introduced for POP3/IMAP, but I don't think that was bad.
I remember reading on here years ago that people were concerned that the government was reading their "private" emails. I've always just considered email to be sent in plain text. Just 10 years ago only 30% of emails from Gmail were encrypted. Even though now its 99% of outgoing email is encrypted, but all those emails sent before are probably sitting in a database somewhere. And it still reverts to unencrypted if the recipient doesn't support TLS.
The 90s had the opportunity to deploy something like PGP widely, but because there was no perfectly safe way to distribute the keys it never went anywhere. The most practical solution the crypto nerds could accept was the web of trust, where you were supposed to physically meet everyone you wanted to communicate with so you could physically exchange the keys, which was never going to scale.
Email to this day is unencrypted at rest and completely transparent to whomever is running your mail server. You don't think Google runs GMail out of the goodness of their heart do you?