Re: [Endymail] spam versus cleartext
Phillip Hallam-Baker <phill@hallambaker.com> Sun, 07 September 2014 21:44 UTC
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Pete Resnick <presnick@qti.qualcomm.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/dtk5aI2mmSQ8UXmGyU-5FQJwuzI
Cc: Eliot Lear <lear@cisco.com>, endymail <endymail@ietf.org>
Subject: Re: [Endymail] spam versus cleartext

On Sun, Sep 7, 2014 at 5:12 PM, Pete Resnick <presnick@qti.qualcomm.com> wrote:
> On 9/7/14 11:09 AM, Phillip Hallam-Baker wrote:
>> On Sun, Sep 7, 2014 at 9:21 AM, Pete Resnick <presnick@qti.qualcomm.com> wrote:
>>> Along similar lines to what John Levine said: Obviously doing e2e crypto
>>> gets you signatures. Since we are blue-skying here, I think it is perfectly
>>> plausible to say, "If you want to send me e2e encrypted messages, you also
>>> have to send me signed messages, and you don't or your signature is not in
>>> my contacts list already, your encrypted mail is going to bounce." I think
>>> it's possible that in the fullness of time, many users go to a contact-list
>>> model of email (a la IM) where the mail simply bounces unless it has a
>>> signature that is already in the contacts list.
>>
>> I think that is right, but not the whole picture.
>
> A tangential up-level: I haven't gotten through all of the mail on the list
> yet (travel and other things have slowed me down), but I do notice that
> there has been quite a bit of "whole picture" discussion. I think that's
> fine, as blue-skying does involve thinking about how all of the pieces fit
> together. But as Stephen and I said in the first message, the thing we're
> looking for on this list is to "identify some bit(s) of work that the IETF
> could credibly do that'd improve the real-world end-to-end security and
> privacy of email. And note that 'credible' there requires stuff to be both
> technically sane and to have a sufficient set of capable folks interested
> and willing to do work." So while it's *possible* that a forklift
> replacement of email as we know it might be one of those "bits of work",
> separating out some smaller work items that could eventually be fit together
> into a shiny new system are probably the more interesting ideas. :-)

I don't think we can get rid of SMTP right now. But any system that allows a sender to decide between sending encrypted and sending in plaintext can easily contain a slot that makes it *really easy* to swap out SMTP if desired.

The bit that I really don't want to redo is the S/MIME messaging layer. That works fine for packaging up the bytes. It works with attachments and all the stuff we expect from modern mail.

Any new mail security standard has to be able to serve as a replacement for both S/MIME and PGP. Otherwise we will just continue the standards stalemate. It is easier to graft PGP functions onto the fully developed S/MIME message format than to try to get PGP/MIME up to a similar level of support. But we do have to make sure PGP users don't get left behind and they have to be able to achieve the same level of security they can achieve today without being required to use a CA.

> That said, a couple of questions that have been rattling around in my brain:
>
>> I see endymail as a subset of mail. All mail should be encrypted at
>> the message layer but only whitelisted mail would be e2e encrypted.
>>
>> This can be done automatically as follows:
>>
>> A) Some sort of discovery infrastructure maps email addresses to key
>> hashes.
>> B) Some sort of discovery infrastructure maps key hashes to keys.
>
> I've been wondering about this. When I think about using crypto (whether
> encryption or signatures), it seems like requiring a discovery mechanism was
> increasing the burden. For many of my correspondents, with whom I'm
> currently communicating in the clear, a TOFU key exchange in those emails
> (authenticated out-of-band) might be a plausible mechanism.
>
> When we think about this, do we really need to assume that we either use the
> old or the new, and never the twain shall meet?

Well the discovery mechanism could be as minimal as 'take a domain name and a hash of the key, pull the key from http://<domain>/.well-known/phb/<hash>'

I don't want to put anything more complicated in the client though. Because as you point out, there are likely to be lots of ideas. And in particular there will be ideas based on TRANS-like infrastructures.

From a trust point of view, the expiry of the Haber-Stornetta patents is a very big deal. Putting keys and/or certs into notary logs gives a huge amount of leverage. It also means that you will want some sort of infrastructure fishing keys out of the logs.

But just don't weld any of that into clients yet...
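
The minimal discovery step described in the message above, sketched as an added example that is not part of the original post or of any Endymail proposal. It shows why the plain-HTTP fetch can be untrusted: the client recomputes the hash of whatever it receives and rejects a mismatch. The message does not name a hash function or encoding, so lowercase hex SHA-256 is an assumption, and `key_url`, `discover_key`, the `fetch` callable and all sample data are hypothetical.

```python
import hashlib
import hmac
import re

# URL shape taken from the message; everything else here is an assumption.
WELL_KNOWN = "http://{domain}/.well-known/phb/{key_hash}"
HEX_SHA256 = re.compile(r"[0-9a-f]{64}")  # assumed encoding of the key hash
DNS_NAME = re.compile(r"[a-z0-9]([a-z0-9-]*[a-z0-9])?"
                      r"(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+")


def key_url(domain, key_hash):
    """Build the discovery URL, refusing input that could alter host or path."""
    domain = domain.lower()
    if not DNS_NAME.fullmatch(domain):
        raise ValueError("not a plain DNS name")
    if not HEX_SHA256.fullmatch(key_hash):
        raise ValueError("key hash is not 64 lowercase hex characters")
    return WELL_KNOWN.format(domain=domain, key_hash=key_hash)


def discover_key(email, address_to_hash, fetch):
    """A) address -> key hash, B) key hash -> key, verified locally."""
    key_hash = address_to_hash[email]        # A) directory the client trusts
    domain = email.rsplit("@", 1)[1]
    key = fetch(key_url(domain, key_hash))   # B) transport is not trusted
    actual = hashlib.sha256(key).hexdigest()
    if not hmac.compare_digest(actual, key_hash):
        raise ValueError("fetched key does not match the expected hash")
    return key


# Constructed sample data: a stand-in key blob and in-memory "web servers".
SAMPLE_KEY = b"-----constructed sample public key-----"
SAMPLE_HASH = hashlib.sha256(SAMPLE_KEY).hexdigest()
DIRECTORY = {"alice@example.com": SAMPLE_HASH}
HONEST = {key_url("example.com", SAMPLE_HASH): SAMPLE_KEY}
TAMPERED = {key_url("example.com", SAMPLE_HASH): b"substituted key"}


def demo():
    """Return (honest fetch accepted, substituted key rejected)."""
    ok = discover_key("alice@example.com", DIRECTORY, HONEST.__getitem__)
    try:
        discover_key("alice@example.com", DIRECTORY, TAMPERED.__getitem__)
        rejected = False
    except ValueError:
        rejected = True
    return ok == SAMPLE_KEY, rejected
```

The trust decision sits entirely in step A: whoever supplies the address-to-hash mapping decides which key the client will accept, while the server in step B can only withhold the key, not replace it.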