Re: [Endymail] Improvements to S/MIME

Phillip Hallam-Baker <phill@hallambaker.com> Fri, 12 September 2014 18:52 UTC

In-Reply-To: <54133D0A.10603@gmail.com>
References: <CAAFsWK0VtnVvKwvkC1kjK+yKORkADVW1cKDx7nQ1fxA=dpZeTQ@mail.gmail.com> <3f5714b98514a5fc21cf872c798bc3445317968b88bf5ebac39505df09b11475.sha-256@android.antelope.email> <54133D0A.10603@gmail.com>
Date: Fri, 12 Sep 2014 14:52:24 -0400
Message-ID: <CAMm+LwiM9B=rHHSvyLFBQ0h6hX40ceoSfh9grPnahOwtXJb2vg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Dave Crocker <dcrocker@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/pVsI1WHWJou4X2_B5Syd63U1pis
Cc: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>, endymail <endymail@ietf.org>
Subject: Re: [Endymail] Improvements to S/MIME

On Fri, Sep 12, 2014 at 2:35 PM, Dave Crocker <dcrocker@gmail.com> wrote:
> On 9/12/2014 11:12 AM, Arnt Gulbrandsen wrote:
>> Just a question... I heard someone say at one IETF conference that
>> S/MIME is the only standard with more implementations than users. Why
>> has it suffered that fate? Surely not because of the two problems you
>> mention.
>
>
> Generic discussions about challenges in gaining use of end2end security
> at Internet scale seem to be applicable to S/MIME.
>
> They note:
>
>    1.  We don't have an existence proof for workable key management at
> scale.
>
>    2.  We don't have an existence proof for usability (UX, HCI, etc.) at
> Internet scale, which means workable for non-geeks who have no extra
> motivation.

For once I agree with Dave, sort of.

It is important to keep note of such issues. But solving them is not
very difficult. Making S/MIME cover the whole message is trivial: Just
extract the whole message including the content headers, encrypt it
and stick it in an attachment. Job done.

The only problem here then is knowing if the recipient supports this
S/MIME format. Which is one of the systemic problems that makes S/MIME
unusable: there is no negotiation mechanism and no way for the sender
to know what the receiver can accept. There are many pieces of data a
sender needs to know:

1) Should encryption be used in preference to plaintext?
2) Does the receiver support AES?
3) Does the receiver support PGP message format?
4) Does the receiver support S/MIME message format?
5) Versions, options on the above.


But what is critical is that if we do end up deploying one of the
proposals that solve these problems - and we already have a working
proof of concept - we have to make sure that the 'encrypt entire
message' issue is not forgotten.

But given that PGP has the same problem, I think this particular
feature could well be a point that gets the two camps to agree on
convergence. Because surely we can all agree that not encrypting the
subject line was a ridiculous limitation that makes the specs toybox
implementations.
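
The whole-message wrapping described in the message above, as an added example that is not part of the original post or any list proposal. It assumes the `openssl` CLI is installed; the addresses, subject text and throwaway certificate are constructed for the demo. Here the encrypted message becomes the `application/pkcs7-mime` body of the outer message rather than a separate attachment.

```shell
#!/bin/sh
# Added example: encrypt an entire message (headers + body) with S/MIME.
set -eu

# wrap_whole_message <dir>: build a constructed message, encrypt all of it
# to a throwaway recipient certificate, then decrypt it as the recipient.
wrap_whole_message() {
  d="$1"
  # Throwaway self-signed recipient certificate (constructed for the demo).
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=bob@example.org" \
    -keyout "$d/bob.key" -out "$d/bob.crt" 2>/dev/null

  # Constructed inner message: the real headers, Subject included, live here.
  printf '%s\n' \
    'From: alice@example.org' \
    'To: bob@example.org' \
    'Subject: Q3 acquisition plan' \
    'Content-Type: text/plain; charset="UTF-8"' \
    '' \
    'Details inside.' > "$d/inner.eml"

  # Encrypt the complete message. The outer headers carry only what
  # transport needs, plus a placeholder subject.
  openssl smime -encrypt -aes256 -in "$d/inner.eml" -out "$d/outer.eml" \
    -from alice@example.org -to bob@example.org \
    -subject 'Encrypted message' "$d/bob.crt"

  # Recipient side: decrypt to recover the original headers and body.
  openssl smime -decrypt -in "$d/outer.eml" -recip "$d/bob.crt" \
    -inkey "$d/bob.key" -out "$d/recovered.eml"
}

# subject_leaks <file>: succeeds if the real subject is readable in <file>.
subject_leaks() { grep -q 'Q3 acquisition plan' "$1"; }

workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT
wrap_whole_message "$workdir"

if subject_leaks "$workdir/outer.eml"; then
  echo "outer message: real subject exposed"
else
  echo "outer message: real subject hidden"
fi
grep '^Subject:' "$workdir/recovered.eml"
```

The sender still has to know that the recipient's client will unwrap and display the inner headers, which is the capability-discovery gap the message lists.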