I'd like to see the USPS expanded to become a public / municipal ISP of sorts.

If you read about the history of the institution, this is really what was intended in its constitutional incorporation. It really wasn't about physical mail per se, and you can't hold the founders accountable to something that was outside the realm of imagination at the time.

There's all sorts of information-structural things that are in the bounds of the USPS per the intent of its creation.

It's a real shame the USPS didn't jump on email at the start and become an email provider

This would be great for things like voting, but I think it could also be easily abused.

Many services would want to use your PKI token as identification, we would likely give up a lot of privacy because of its existence/ease-of-use.

> I still have a vague hope that the United States Postal Service could be "pivoted" into being a PKI provider

It’s going to be an uphill battle or impossible as PKIs are too obscure for the average citizen to understand the benefits and any whiff of a federal ID card will be treated like the mark of the communist coup beast.

Probably because they're so small they're overlooked by the salespeople and lobbyists from the big corps. I imagine that helps a lot. In the UK there are plenty of smart people in Government who can and would build things in a sensible way (and sometimes they do!), but there are also legions of smooth talking salespeople who usually bend the ministers' ears more easily.

Good for our neighbors (And Hi!). Latvia is also advanced in regards to eservices :)

We also get state issued ID card with PKI. We can access tons of services. Last I read I can buy a house, fully remotely. Including notary services via video call + all parties need to sign stuff with our ID card.

We get health results via email as an encrypted pdf, where password is given at the time when I submit samples.

Many business also use ID card to sign contracts between parties.

Bank transactions involve Smart-ID, 2FA app that I have to authorize via ID card for remote setup for any new device. (It involves generating new certificates) Smart-ID is developed by Estonia and is very convenient, secure way to authorize payments.

As of communication, no state issued email. However we usually get email notifications, for example from state tax service, that we should log in and read whatever we have to.

Estonia is the founding member of the NATO Cooperative Cyber Defence Centre of Excellence... they've been at the forefront for a long time. https://ccdcoe.org/

It’s partially the result of the 2007 cyberattacks they endured. After that, they started taking cybersecurity very seriously.

https://www.bbc.com/news/39655415

Size of the country is also something to consider. Population of the whole Estonia is fewer than population of a single city in other country. Area of the Estonia is also minuscule.

What works for a tiny state isn't always appropriate for a big state.

If we are to believe the EU, they are #1 in digital public services and have a respectable place in overall digitalisation of society: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_...

Yep - Here in Finland, just over the bay in the north, the Estonian e-prescription system is often quoted as much leaner, meaner and more functional than our own borked attempt, at a fraction of the cost.

But Estonia has vote by internet, which guarantees that it’s possible to forge an election. Just this item brings them back to pre-democracy times.

Estonia is the one that also provided digital citizenship, right?

Using Berichtenbox is a liability. Once you activate the thing, all sorts of (semi-)government communication goes there, but you can't forward it or download it via an open API. You have to use their smartphone app or webapp.

The notifications you can set up to a normal email address invariably only say that institution X sent you a message, but never specify the topic. That means you have to login to see if it is actually important and actionable or just something you already knew or a confirmation of something you submitted.

Even worse is this common scenario:

* Get notification that X sent something to Berichtenbox

* Login to Berichtenbox (first get mobile phone for required 2FA)

* Message says new information is available in X's web portal

* Login to X's web portal (mijn.somethingsomething.nl)

* Read totally pointless message that could even have been sent in plain email

Compare this to the postal flow:

* Get letter, read it

I think these days you can deactivate Berichtenbox and receive important information via post again, but this was not an option in the first year or so, so even experimenting with it was risky.

Importantly, though, that inbox is not an email inbox. This is what the process might look like (i.e. I've been through this):

1. You can an email in your regular email stating that there is a new message in your Berichteninbox. (No clickable link, presumably to avoid phishing.)

2. You go to mijn.overheid.nl to access your Berichteninbox. You sign in with DigID.

3. You open the mentioned message, which says a PDF with the actual letter is attached.

4. You open the PDF.

5. The PDF says you'll be able to file your tax returns a month from now.

Well, their website[1] has downloads for Linux, Android and iOS. But personally, I did not use any of them.

[1] https://www.id.ee/en/article/install-id-software/

I can't rightly say that I am able to navigate the maze of standards and acronyms associated with smart cards, but the OpenSC tools on Linux have worked for me with a couple different smart cards (Nitrokey HSM and Taglio PIVKey). There are quirks. The Taglio PIVKey can't load certificates using OpenSC, but I've always generated the certificates on the device anyway.

I have been in Estonia for a few months and get my TRP recently. It's new to me. But I heard that it's the same. It's just a notification probably. Yet, the term "forwarding address" makes me think it can be something else. I did not get any email from there yet, so I don't know actually.

The PKI thing includes a physical ID card, a software solution called Smart-ID and a mobile solutions called Mobile ID. The software solutions are just authenticator apps that you've matched with your ID.

> This is the biggest flaw in the design

No, it's solid design. It's a very simple safe primitive. You can build endless infrastructure on top of it. Similar to subkeys.

For example a lot of businesses use Smart-ID on top of that. You need to tie the smartid stuff to your PKI identity. But after that you can just use that as identity.

https://www.smart-id.com/

By public services, I meant the public services provided by the state. For instance, health insurance, family doctor application, taxes, etc.

Banks require your ID whether it's smart or not. But it's not for payment purposes but for authentication. And they are not state bodies, but private commercial entities. They are not part of the PKI ecosystem of the state.

Oh, I didn't know that. That's new to me.

There are a few issues. First, Estonia is a small country and it's relatively easier. Second, there's no legacy solution to comply with when a new feature is developed. US has both federal and local government systems, and many agencies with their own services. That creates an overhead for a new and standard[1] solution.

[1] https://xkcd.com/927/

Adding to that, even worse, each state are also implementing their own identity solutions. Take Service NSW which is an expensive front-end built on Salesforce, with its digital drivers license. Each platform has its own digital identity system, which is just waste of taxpayer money.

And yet none of those corporations has displaced email, despite the fact that it has become a universal cyberattack channel, with a stagnant UX that doesn't address most real-world use cases for email!

I saw a need for a safer, better, decentralized protocol for email, so I drafted one (TMTP) and implemented client & server. More at:

https://mnmnotmail.org/ & https://twitter.com/mnmnotmail

Related protocol projects in development include:

https://mathmesh.com/

https://en.wikipedia.org/wiki/Dark_Mail_Alliance

I'm quietly confident that it will. Much in life seems to follow the movement of a pendulum.

I appreciate how the tide turned, but societies appetite changes over time; and the fact is, open protocols are not anti-profit, or anti-business.

I think the issue might be the huge amount of VC cash invested, and the need for such a player to have explosive growth to a huge valuation.

Open standards of federated systems could lead to slow sustainable growth with a spot for the original designers and pushers of the protocol. But open standards won't let you fully dominate the market, they don't allow you to leverage all the VC cash, and so they don't pay back on massive investment. Because quite a lot of the benefits are shared.

Moreover, slow growth can't compete with VC cash investment. The VC backed competition will have a better UX, more features, aggressive marketing, and in general be more developed. All because they can develop their product a lot faster because they have more money behind them.

I'd say (and I think this happens quite often, moreso in politics) it is at least possible you may be overestimating his power to do so, perhaps at least by the time he realized it?

Twitter wasn't his github repo, it was his gazillion dollar company that has to answer to a lot of stakeholders.

(That being said, no reason to not get on them about it.)

I don't think email is the issue here but it is DNS. Email relies on DNS and unfortunately government and ISPs have too much control to take your domain or have it blocked.

The same goes for a normal address. Need one for employment and is arguably a human right.

And yet, it can be taken from you with a court order.

You already can do that. Just buy a domain name, like mySSN.us. You are free to point it at any email provider of your choosing.

Speaking of Germany, do you mean De-Mail? Because while it is similar to email, it is not email compatible and had a lot of shortcomings.

Yeah, that's the issue : how do you deal with bad actors like gmail or hotmail that by their sheer size seem to have lost all accountability ?

> it's that the existing institutions don't recognize you as part of the institutional club and block your messages...

How common is this if you’ve setup DKIM, SPF, etc.? I’ve only heard about problems in that context where someone hadn’t done the basics or was trying to send from shared IPs and hit some spammer’s past reputation.

Given an account with the legal privilege to spam, how would you prevent it filling up everyone else's inboxes?

Domains are still controlled by the government.

I'm not saying it should be free. Quite the opposite. It should charge the user per-e-mail on an at-cost basis. It's a utility, not a hand-out. Think post office.

Do you punish people for sending spam?

Only by making them pay for every mail they send.

Do you filter spam, if so, how.

On the receiving end. A plugin system would let people choose to subscribe to updated blocklists and filtering rules, just like modern adblocking.

Do people need public terminals to access the service?

Same way it is now. The vast majority of people have their own smart devices, and for the ones who don't there's the public library.

I think the issue (as in the what) is that people should always be able to have a fallback option for sending and receiving email that's not at the whim of Google, MS et al.

SSN-xx-HERE@citizen.gov is a how, which may or may not be a good one. For one, here in France, the SSN isn't as important as it seems to be in the US, so its being public is probably less of an issue. This approach would still be bad for spam or whatever.

Another how could be by using the same kind of naming in use elsewhere, as in name.surname.213@citizen.gov. Except that not anyone would be able to randomly open an account. You'd have to go through some kind of agency that would check your ID. This would allow them to expose a way of changing (in case its overrun by spam) or unlocking (in case of lost password) your account safely.

We have a more or less similar thing in France with bank accounts: you have an "opposable right" (as in, undeniable) to have a basic bank account. Not sure if this is a French law or an EU directive, but I think the same could work for email.

Having a government approved spam filter would be better than letting an oligopoly of five companies decide what constitutes spam.

In fact, I can't think of a single market dominated by a handful of large companies hasnt been improved by the introduction of a government competitor.

There's a reason telcos lobby hard against community broadband and that financial institutions dial back the usuriousness of their fees when the post office offers bare bones accounts.

Almost every computer and phone ships with an email client installed.

That's where right to disconnect and anti-spam measures come in. I'm in France, and i have the right to refuse my employer contacting me outside of work hours, and they pay me if i don't. And since robocall spam is illegal, i get ~1 call every 4-5 months at most, to sell me a different internet or electricity or mobile plan, and they're obligated to respect my refusal to be contacted thereafter ( and all do).

I think the issue is that since email is more and more required to interact with the Government services, they should also provide a usable alternative. Why have your citizens rely on random foreign services from which they may be cut off because a bot somewhere is having a bad day?

In France at least, many people (mostly the elderly) are having a hard time using computers and such. Some Government agencies have dedicated personnel to help them with filling in the forms and such on dedicated computers. It could probably be easier for them if they also provided email instead of relying on a third party provider. Grandma lost her password? No biggie. If she has her ID, we can reset it for her. Good luck getting any kind of support from Google / Yahoo in such a case.

Of course, I will explicitly say that I would be very much against such a service being compulsory for the people. I just think it should exist.

Price isn't the issue, the issue is that marginalised people can be denied service outright. E.g. if you don't have a phone you can't sign up for many of those services. If you have an unusual name you may be rejected. And if you have unpopular political views you may be kicked off.

Cost aside, a solution needs to be highly available. Third party services can not guarantee your email will be available for the duration of your lifespan.

There is also the issue of data stewardship, (democratic) governments can ensure independent reviews and be held accountable for security breaches and data misuse. They could also be held liable for losses incurred by service defects.

arbitrary account shutdown is a known issue with free email. losing your gmail account without explanation and with no recourse can be an awful situation for anyone, especially for vulnerable populations. This leaves the options of forcing private orgs to maintain email addresses or have a gov email for every citizen, both of which have significant drawbacks.

Things you have to use email for:

* applying for jobs

* getting covid tests/vaccines

* buying virtually anything online

* interacting with the government online (I needed to provide an email address to update my driver's license and vehicle registration)

* opening a bank account

* renting an apartment

These are important things, so we might as well have some guaranteed way to access these services. Especially because you need an email to interact with a lot of government services.

I don't think this is a fair comparison. You can replace a toilet, arguably upgrade to a better one with little to no disadvantage.

Taking away an email address someone has had and is their primary point of contact for years, possibly decades is irreplaceable. Being able to create a new one isn't equal to the old one.

Not sure about elsewhere in the world, but even regular mail isn't that painful in my country. Pay a nominal fee to Australia post and you can have all mail addressed to you forwarded from your old to new address for N months (or years).

The reason there are as many food types is that you pay for food, while most people (except corporations) don't pay for email. This makes it so investments in food production can be returned without waiting for network effect / vendor lock-in to reach a significant level.

Your toilet example actually proves the point. Generally, water and wastewater services are not private (I know there's exceptions and most are going terribly wrong). So yes everyone's ability to use a toilet is somewhat government guaranteed.

Yeah but the existence of toilets is mandated by code. The existence of email isn't regulated in any way. Requiring non-commercial (<-- which is doing a lot of work here) email addresses would cause a robust market to appear overnight.

Just like how the highly regulated phone system dealt with voice and SMS spam.

> The American government should provide their citizens with a small space of hosting to share their thoughts.

... why? What are you basing this on legally/morally other than your own want?

I do hope that web 3 brings a DNS service that can be bought once and owned forever that nobody can tear even from your cold dead hands. I'm not holding my breath though.

The only issue I've had in my limited use is that a Deltachat email triggers a notification on the desktop before it is moved to a Deltachat-specific folder. The solution is to configure Sieve filters to do this upon reception, but just saying that we've lost all 99% of potential users

I set it up with gmail (It offered Oauth login which I did) and tried to chat with my exchange. First ping-pong had 0 errors on Android.

That’s a very fair point. I’ve definitely considered migrating from Google Workspace myself.

It's objectively awful... But when you step back a tiny bit, that doesn't matter. What matters is the inter-organizational community it achieved. If these organizations wanted to continue, they could come up with a negotiation technique like in http - both ends can use whatever fancy thing they both support, but fall back unto riding dinosaurs if that's the only thing that works.

I often swing between longing for a federated protocol that can be managed by technical people and used by everyone, like XMPP, and something more P2P to reduce centralization and allow everyone to instantly "open an account" with no need for technical skills, but that still needs some kind of relays for asynchronous communication, like ssb. None are technically perfect (although I really like the simplicity and extensibility of XMPP) but in the end what matters is not that: it's about how the protocols are used, how they allow all of us to communicate, how they give more power to those who aren't already using the internet to exchange information. And that is not a technical problem

email likewise lives on "not so great" protocols.

"perfect is the enemy of good"

Do we know how great the centralized protocols are?

That's only because running TCP/IP over a 1200 bits per seconds connection was close to impossible, but Fidonet had > 40 thousands nodes connect by 1990, so decentralization was already a thing back then.

When modems became fast enough to handle a TCP/IP connection it was ~1994 and by then Internet was already (relatively) cheap and available.

But HTTP is client/server whereas e-mail is server/server (or client/server/server/client). Small independent server operators are at the mercy of the large companies as those can just stop processing their e-mails (which they already often do). That's different for HTTP (though gatekeeping happens there too via discoverability and other mechanisms).