DIME is a new set of protocols for sending and receiving E-Mail designed by several prominent E-Mail security experts to include built-in privacy features.
One interesting thing to note about this protocol is that it not only prevents unauthorized parties from reading the content of an E-Mail message, but also makes effort to make entities that take part in the delivery of a message know as little as possible.
For example, the fist server the user delivers a message through, knows only the address of the next server to deliver the message to and not the full address of the message recipient. Similarly, the final destination server, from which the recipient can pull the message, does not know the full address of the sender, which is only revealed to the recipient.
I didn’t dig too deeply into the protocol, but there are two issues I see with it:
- What happens in case of large provides, like Gmail, where both the sender and the recipient can be served by the same server? At bare minimum such a provider can easily collect metadata about who sends E-Mail to whom.
- The developers seem to only focus on replacing the classical E-Mail protocols of IMAP and SMTP. While E-Mail is still very popular, I think that in order to be relevant in today’s world, a modern implementation of E-Mail should also incorporate and integrate support for calendaring, real time messaging, presence, and maybe even video and voice.
Ifblog (ponderings 2.0) 