Re: [E2ee] Review of review-draft-knodel-e2ee-definition-04

Vittorio Bertola <vittorio.bertola@open-xchange.com> Tue, 12 July 2022 10:16 UTC

Date: Tue, 12 Jul 2022 12:16:36 +0200
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Mallory Knodel <mknodel@cdt.org>, e2ee@ietf.org
Message-ID: <1682408825.134572.1657620996366@appsuite-gw1.open-xchange.com>
In-Reply-To: <d73996ab-3441-70e9-ea60-eeeceb92e241@cdt.org>
References: <0452ff0-ff6f-816d-2deb-6624531abcd@nohats.ca> <d73996ab-3441-70e9-ea60-eeeceb92e241@cdt.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/e2ee/qIEuOxmqtfiCxRgY4WrHjGTbcQM>
Subject: Re: [E2ee] Review of review-draft-knodel-e2ee-definition-04

> On 12/07/2022 02:13 Mallory Knodel <mknodel@cdt.org> wrote:
> 
> 
> "E2EE systems" is fully equivalent to "end-to-end encrypted systems". We are trying to solve the problem that nowhere is there agreement on the minimum features of E2EE that make something E2EE. This is becoming a problem because I keep hearing these rumours that content moderation (of messages in encrypted apps) doesn't break E2EE.
> 
Well, "end-to-end encryption" means "end-to-end encryption". How can you break it by moderating unencrypted content at the edges? If (however you define the endpoints) at a certain point of the path between those endpoints the content is unencrypted, then your system does not have e2ee; claiming that it does would confuse and cheat the user. Proposals to screen content in IM apps before encryption or after decryption do not break e2ee; the problem is rather the IM app claiming to have e2ee when it doesn't.

You should rather talk about "end-to-end confidentiality", "secrecy of correspondence" or something like that; we've had the concept for ages (e.g. for physical correspondence, which in several countries is constitutionally protected from interception) and I don't see why it should now be rebranded as "end-to-end encryption".

--

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy