Yeah, I understand the constraints. I have also been thinking about creating some secure messaging application ever since LavaBit went under. Unfortunately, after thinking about it, there doesn't seem to be very much I could do. Most security-conscious users who demand 'ultra security' would understand how to get that security (using PGP over P2P methods to deliver the messages to avoid the metadata trail).
If you wanted more security 'in general' but still have it 'easy to use', you're naturally going to run into some problems.
Using something like the system you built as-is has at least two main problems as I see it:
1. First, and most importantly, using PDF loses the context of a 'message chain', since replying doesn't let you easily quote the previous text - and you can't see what the user said 3 messages ago. That's quite a loss of convenience for only a relatively minor gain in security. The average user today won't accept that loss in functionality, I would suspect.
2. Second, it requires users to have PDF readers installed. The average user is just going to install Acrobat Reader, which will likely only open them up to more vulnerabilities considering the state of it right now. I would strongly encourage users to stay away from Acrobat Reader, especially disable browser plug-ins for it, and view PDFs only when absolutely necessary.
So-called 'secure messaging portals' that I've seen require users to create an account to read their message and don't use email at all except to notify you that you need to log on to see a new message (perhaps saying the account name that it's from). Naturally, this primarily relies on SSL and the user's browser. SSL itself isn't too bad for building a more secure messaging platform like this (vs. general-purpose email), but yes, it has its fair share of vulnerabilities now, and people have even been coerced into handing over SSL keys in extreme situations... so maybe it can't be considered 'ultra-secure' anymore either, unfortunately. I've looked into providing encryption with JavaScript alone (something like jcryption here: http://www.jcryption.org/ ) and while it does help for form submission in general, it cannot be relied upon for a variety of reasons (some are described here: http://www.matasano.com/articles/javascript-cryptography/ ). However, of course, this still has the 'single server' / middleman problem, where the server operators could get information about all the users' communications if they really wanted to or were coerced into doing so. The main thing you'd have to do to secure it more would be to make it decentralized.
The only easy thing I can think of to get around that is using something that is an offline application that handles the encryption parts - and then send the raw encrypted text so they can import it into the application... to be secure it would _require_ the user to maintain keys that the server knows nothing about. And then deliver the communication through different/decentralized channels. But, alas, that sounds really similar to PGP today...
So what is a good compromise for the average user? If you are designing this for them, to give them something a little more secure, I would think it needs to be as easy to use as possible... and people text a lot (I mean a LOT) on their silly phones... even though that is even less secure than email. So this would require mobile capabilities to address that for the average person as well. If you can deliver something akin to a secure messaging portal that works on phones and laptops alike, that's also decentralized and easy to use... I think something like that is what is needed to deliver what is needed in that space. But that's a tall order? Maybe something like XMPP could play a role.
It sounds do-able to me, and it would be an improvement over the current state of things, it's just a lot of work. Any thoughts on an approach like this?