[Endymail] Why S/MIME and OpenPGP ecosystems fall short
Watson Ladd <watsonbladd@gmail.com> Tue, 02 June 2015 05:07 UTC
Archived-At: <http://mailarchive.ietf.org/arch/msg/endymail/H0R2G7TDlUMNKmHjiaIuyZ6El0k>
Dear all,

Let's compare a messaging system like TextSecure to the experience of secure email messaging. A user downloads TextSecure and starts using it. It has a familiar UI, and encrypts when it can without any explicit user invocation. If they want to validate keys, they can do so easily: there is one fingerprint and clear instructions on how to compare it. The semantics are exactly what is expected.

Compare to what happens with GPG. Immediately the user is asked to make important choices with no guidance. Key discovery is a separate step. When sending messages, they have to choose several orders of operations and ciphers, with the wrong choice having consequences. I don't think any choices have the right semantics.

A lot of this has been ruled out of scope as UI issues, but I don't think so: I think that solving these issues requires removing many of the problems that we expose to users. Certainly some plugins do a very good job of fixing some of these headaches, but I don't think any of them are as reliable as TextSecure.

It's clear to me that this isn't easily fixable by standards work alone: much of the damage is baked into the functioning of S/MIME and PGP. What needs to happen is that we need to come up with good ideas around key management that are actually deployable, and provide the semantics people want.

Sincerely,
Watson Ladd