It’s not recoverable and permanently compromised if ever it is.

Also, even if someone was trying to impersonate you, you wouldn’t know it unless the recipient told you (which could also be done today with DMARCs, albeit at a domain level not an email level)

I’m glad there are authorities out there (like Google) that act as gatekeepers and track the worthiness of senders. Without that, there would just be no way to close the floodgates. Is Google the best company for that? It’s definitely one of the good ones for that.

No, you can’t forge emails easily as you say. Maybe DMARC isn’t perfect, but it works just fine. Attacks that bypass that are done on misconfigured systems, so human error, which can happen with any tech, the one from this post included.

Yes email is an old tech, but let’s not pretend like it hasn’t evolved. It’s not perfect, but it generally works. I don’t think you need to go fully decentralized, but some steps to have more than a single authority could be positive.

You’re not adding anything that wasn’t argued towards before. Soon or later, you have to trust something. There are ways to transfer keys by other means which you can use to corroborate.

The tradeoffs of this idea are just not worth it for 99% of the people.

I understand how public-private keys work, and I understand why you’d want one. I just think this implementation of a register is bad. Not from a security risk, from a use case point of view; it’s for all intent and purposes an email which if ever compromised is forever compromised and non reusable. It’s an email that’s unrecoverable so not usable in many companies.

I’m sure there are other reasons to not like the idea, but that’s what I can think off the top of my head.

Except the trust of the source of the blockchain, or some certificate authority somewhere at some point, but ya, that’s kinda assumed as there is no way of making a “first handshake” that’s secure.

For me, it all looks like someone is trying to make a product rather than solve an actual issue.

It’s not a reason to make it worse.

It’s trying to solve a problem that we don’t have. We don’t need any of that to be immutable.

Why would knowing every single email be seen as something positive? Nice way to have spam-heaven. The keys also don’t need to be public. If you need something THAT secretive, there are safe ways to do a permanent key exchange.

That’s not what racist means…

The wrong password is by design. It’s to give the least information to traffic they consider risky.

Is your smart-broom connected wifi or wired?

That’s perfect then, you both agree you shouldn’t visit their site.

Who are you lying to? Your Adblock definitely is because you don’t want ads, not for privacy.

Yeah. I have no issues recognizing errors/shortcomings of services I like, but I’m trying to avoid creating fake issues with those I don’t like.

I don’t like Apple, but if you’re looking at the best company when it comes to rounded corners, look no further!

Did YOU enable MFA using that phone number when you were logged in years ago?

So if they don’t let you sign-in with not enough information, they’re wrong because, and if they would let anyone with your password signing in, they’d be bad too?

Right…

That’s not how things work…

Yeah! If you’re teaching elementary school and not at the Doctorate level, it means you don’t care about education!
/s