Re: [Endymail] FW: Group/Enterprise encrypted email

"Nordgren, Bryce L -FS" <bnordgren@fs.fed.us> Wed, 03 June 2015 22:20 UTC

From: "Nordgren, Bryce L -FS" <bnordgren@fs.fed.us>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 03 Jun 2015 22:20:14 +0000
Message-ID: <82E7C9A01FD0764CACDD35D10F5DFB6E7E1614@001FSN2MPN1-046.001f.mgd2.msft.net>
In-Reply-To: <CAMm+Lwikmt--GVVT_UPYjY5WcxcBJ_2geg5EkA47F7=gp-sYww@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/endymail/jqTm1CWsmNeu71BjFKr__5Elg1g>
Cc: Trevor Freeman <trevor.freeman99@icloud.com>, "endymail@ietf.org" <endymail@ietf.org>
Subject: Re: [Endymail] FW: Group/Enterprise encrypted email

> Trying to absolutely control the flow of information has a lousy track record.
> And not just in the US but FOIA means that the US examples are rather more
> obvious. Trying to lock everything down resulted in security systems so complicated,
> even an MIT professor was unable to figure them out when he was made CIA director.
>
> The lesson we have learned is that imperfect security systems that are acceptable
> to end users are much more effective than theoretically perfect schemes that users
> bypass. It is possible that the US federal govt. will learn the same lesson someday.
> If they ever do, they know where to look.

I think we are in agreement that top-down micromanagement of information flow is bad. My comments are intended to align the language in the doc with the actual security provided, not to cause anyone to fix perceived security holes. :) It does very much read like the intent is to set up a DRM such that conforming systems provide certain guarantees. It shouldn't.

I'm not certain I've been persuaded that the DRM-esque aspects are worthwhile. Sticking with normal, un-augmented email semantics simplifies this proposal to the point that implementers may be able to make the encryption process completely transparent to users, or at least boil it down to a checkbox. Much of the value associated with generalizing the available policies beyond "encrypt this message and disseminate keys to the email recipients" seems to be predicated on prose making guarantees of policy enforcement across organizational boundaries. A much clearer and more precise value statement is warranted.

Perhaps this is answered in that other spec, but I don't yet see how the mail client knows what parameters are expected by the policy. Does it need to understand and implement a UI for some sort of policy schema language?

Best,
Bryce