Re: [dmarc-ietf] Email security beyond DMARC?

Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> Wed, 20 March 2019 14:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/gFYtlT8fpfrB5uSuPmAiSMGJ70c>

On Wed, 20 Mar 2019, DAMY gustavo wrote:

> But pEp is also based on MIME (which requires trust in at least one
> centralized CA, which falls into the centralized infrastructure, doesn't
> it?)

MIME does not require a centralized CA. I presume you mean S/MIME. pEp is 
not based on S/MIME. However, pEp is working on interoperability with 
S/MIME.

> And yes I agree bad guys could use this as well (but probably they 
> already do it anyway) so through pEp + DMARC it wouldn't be even safer 
> to exchange messages finally an easy way to have End to end encryption 
> using open protocols for webmail (and not just rely on existing APPS/SW) 
> implementations?

This depends on the requirements or threat scenarios a system is based on. 
If Privacy is top priority, I see no other way than using a true 
end-to-end system.

cheers,
  Bernie