Re: [Endymail] spam versus cleartext

Phillip Hallam-Baker <hallam@gmail.com> Mon, 08 September 2014 21:40 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 684CF1A03CA for <endymail@ietfa.amsl.com>; Mon, 8 Sep 2014 14:40:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nnGQlOs-otvC for <endymail@ietfa.amsl.com>; Mon, 8 Sep 2014 14:40:33 -0700 (PDT)
Received: from mail-qc0-x230.google.com (mail-qc0-x230.google.com [IPv6:2607:f8b0:400d:c01::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78DA81A03BE for <endymail@ietf.org>; Mon, 8 Sep 2014 14:40:33 -0700 (PDT)
Received: by mail-qc0-f176.google.com with SMTP id x3so3261173qcv.35 for <endymail@ietf.org>; Mon, 08 Sep 2014 14:40:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=ihA/DcT76PKg2CCqDUFtPg52OyKycKQWRGTvvfeGbzs=; b=Dv/WRdIzyg90DaZ1HZ3GThea81Wxagh6Q+P6cWvanF75f4HcCROV/wUeIgzbZy4z2r h2Lyx2ZXHBewOB+4BQtTg2TUt/LBGr7NBNZ07jfRmbOwdkvXspxp/ULKyfCQncelpFIt wlcyHPv0r+iTNQjfxYAHbfAUaRDsydI+JuzrnEwN23P1tfSjSuDg036lnpxFKcLjXb24 WG1CjI5idMzRceHdmPYAeLaM0RQ1oAq1LdGprA6/A+o7r96sRTLY1e96/vYdRtLORCqD coe1hLaqEwN6DSESD+SeqfRh12iOHbdlTemuCfdwkXqsh7o6GVCKMWSsVh/Yopfj52Mj W1tg==
X-Received: by 10.229.33.202 with SMTP id i10mr45534940qcd.2.1410212432724; Mon, 08 Sep 2014 14:40:32 -0700 (PDT)
Received: from [33.140.142.57] ([172.56.22.212]) by mx.google.com with ESMTPSA id v90sm8260461qge.31.2014.09.08.14.40.30 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 08 Sep 2014 14:40:30 -0700 (PDT)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Phillip Hallam-Baker <hallam@gmail.com>
X-Mailer: iPad Mail (11B651)
In-Reply-To: <87egvm7y4o.fsf@vigenere.g10code.de>
Date: Mon, 8 Sep 2014 17:40:30 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <4955A873-0457-4089-A289-5F5240CA44A2@gmail.com>
References: <540AABF8.8000605@cisco.com> <CAMm+Lwh1JJQTOgRN_31b3+oTreeHzntBxx5sNeAFQAwnac9trw@mail.gmail.com> <540C5BE1.6010405@qti.qualcomm.com> <540CCA3E.8020505@qti.qualcomm.com> <alpine.BSF.2.11.1409071906310.16169@joyce.lan> <20140908030941.GT26920@mournblade.imrryr.org> <CAMm+LwhMsx7pGJo_pRPUWj_GqZfD_s78z+KMw_YOZ92LsoExMg@mail.gmail.com> <87egvm7y4o.fsf@vigenere.g10code.de>
To: Werner Koch <wk@gnupg.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/x9EEwIhtYMY_IczsugWWDKNp2as
Cc: Phillip Hallam-Baker <phill@hallambaker.com>, endymail <endymail@ietf.org>
Subject: Re: [Endymail] spam versus cleartext
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Sep 2014 21:40:35 -0000

yes and no.

yes you can do that sort of thing with PGP, but being able to to it and having one way to do it that everyone follows are very different things.

It is entirely possible to configure pgp to give online/offline key separation as well. But the amount of effort required is non-trivial and the value is negligible if there is no code that would make use of it.


Support for the model requires all the issue infrastructure support for the hierechical issuers.


Sent from my iPad

> On Sep 8, 2014, at 2:41 PM, Werner Koch <wk@gnupg.org> wrote:
> 
> On Mon,  8 Sep 2014 15:53, phill@hallambaker.com said:
> 
>> to use the Google CA. One of the weaknesses of the PGP model was that
>> the design ignored the fact that in many circumstances we are in
>> hierarchical organization structures that the CA model matches very
> 
> Which was fixed 16 years ago with OpenPGP (RFC-2440).  OpenPGP actually
> provide a superset of the features you require to implement the X.509
> model.  It does not demand its use as it also does not demand the use of
> the WoT or any other key validation model - this is all left to the
> implementation.  Both major implementations support the hierarchicalthere
> model.
> 
> 
> Shalom-Salam,
> 
>   Werner
> 
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>