Re: [Endymail] spam versus cleartext

"John R Levine" <johnl@taugh.com> Sun, 07 September 2014 23:06 UTC

Date: 7 Sep 2014 19:06:54 -0400
Message-ID: <alpine.BSF.2.11.1409071906310.16169@joyce.lan>
From: "John R Levine" <johnl@taugh.com>
To: "Pete Resnick" <presnick@qti.qualcomm.com>
In-Reply-To: <540CCA3E.8020505@qti.qualcomm.com>
References: <540AABF8.8000605@cisco.com> <CAMm+Lwh1JJQTOgRN_31b3+oTreeHzntBxx5sNeAFQAwnac9trw@mail.gmail.com> <540C5BE1.6010405@qti.qualcomm.com> <540CCA3E.8020505@qti.qualcomm.com>
User-Agent: Alpine 2.11 (BSF 23 2013-08-11)
MIME-Version: 1.0
Content-Type: MULTIPART/signed; protocol="application/pkcs7-signature"; micalg=sha1; BOUNDARY="3825401791-2067031743-1410131215=:16169"
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/htSwS9oXfMHky5xe8LUnEtYBxZY
Cc: endymail <endymail@ietf.org>
Subject: Re: [Endymail] spam versus cleartext

>I've been wondering about this. When I think about using crypto (whether 
>encryption or signatures), it seems like requiring a discovery mechanism 
>was increasing the burden. For many of my correspondents, with whom I'm 
>currently communicating in the clear, a TOFU key exchange in those 
>emails (authenticated out-of-band) might be a plausible mechanism.

Take current implementations of S/MIME and adjust them to allow
self-signed certificates in addition to (or instead of) ones signed by
a list of CAs configured into the MUA.

All done.

In my experience, the main problems with S/MIME are key distribution
and key discovery.  For key distribution, you need to go to someplace
like Comodo or Startcom to get a signed cert, which goes into your
browser, and then you need to do some grotty software-specific thing
to export it from the browser and import it into the MUA.

For key discovery, in practice everyone populates their keystores with
certs from incoming signed mail, which is supposed to be safe because
it only accepts keys that are signed.  It is supposed to be possible
to get keys via LDAP from a key server, but people don't do that.

A system with key discovery, so you can send all mail encrypted to
someone, including the first one, seems more useful than one that
requires an insecure handshake first.  Key distribution via DANE could
be a reasonable approach.

R's,
John
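
Added example, not part of the original message: a minimal sketch of the keystore behavior discussed above, where certs harvested from incoming signed mail are pinned on first use (the only basis for trusting a self-signed cert) and a later change is flagged rather than silently accepted. The class and method names and the byte strings standing in for DER certificates are constructed for illustration, and signature verification is assumed to have succeeded before `observe` is called.

```python
import hashlib

# Constructed placeholders standing in for DER-encoded certificates.
CERT_A = b"constructed-sample-cert-A"
CERT_B = b"constructed-sample-cert-B"


class TofuKeystore:
    """Pins one certificate fingerprint per sender address on first sight."""

    def __init__(self):
        self._pins = {}  # address -> hex SHA-256 of the certificate bytes

    @staticmethod
    def _key(address: str) -> str:
        # Simplification (assumption): case-fold the whole address.
        return address.strip().lower()

    def observe(self, sender: str, cert_der: bytes) -> str:
        """Record the cert carried by an already-verified signed message.

        Returns "pinned" on first use, "match" if it equals the pin, and
        "changed" if it differs. A changed cert never replaces the pin here.
        """
        addr = self._key(sender)
        fp = hashlib.sha256(cert_der).hexdigest()
        if addr not in self._pins:
            self._pins[addr] = fp
            return "pinned"
        return "match" if self._pins[addr] == fp else "changed"

    def confirm(self, sender: str, cert_der: bytes) -> None:
        """Replace the pin after the user checked the new cert out of band."""
        self._pins[self._key(sender)] = hashlib.sha256(cert_der).hexdigest()

    def can_encrypt_to(self, recipient: str) -> bool:
        """True only once a cert has been harvested from earlier mail."""
        return self._key(recipient) in self._pins


def demo():
    store = TofuKeystore()
    out = [store.can_encrypt_to("alice@example.org")]       # no key yet
    out.append(store.observe("Alice@example.org", CERT_A))  # first signed mail
    out.append(store.observe("alice@example.org", CERT_A))  # same cert again
    out.append(store.observe("alice@example.org", CERT_B))  # different cert
    out.append(store.observe("alice@example.org", CERT_A))  # old pin still held
    out.append(store.can_encrypt_to("alice@example.org"))
    return out
```

The first `can_encrypt_to` result is the gap the message points at: without a discovery mechanism the first mail to a new correspondent cannot be encrypted.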