Briar's Take on Store & Forward Proxy

This is an interesting development on how to deal with offline contacts. The Briar Project is looking to implement a simple HTTP-based Tor Onion service Mailbox that defines a simple REST API to add and remove contacts.

I find it interesting to see how they envision secure access and sharing of these messages especially with the constraint that non-technical communities should not be tempted by relying on a “tech nerd”. Torsten reported earlier discussion on their development channel:

The idea is that one mailbox can only have one owner to keep things simple in the mailbox implementation, but also to prevent that the familiar pattern of one tech nerd setting up infrastructure for an entire community and then having that community rely on said tech nerd.

Our goal is that setting up a mailbox is no more difficult than using Briar itself.

There’s a trade-off here (as usual). It would be more convenient and cheaper to let a few providers run mailboxes for many users, but it would also expose the users’ metadata to the providers in ways that are hard for the users to understand. Gmail being the extreme case.