Re: [ietf-smtp] Public Key Look Up
John Levine <johnl@taugh.com> Sat, 08 May 2021 15:17 UTC
Date: Sat, 08 May 2021 11:17:44 -0400
Message-Id: <20210508151744.D65A672B269@ary.qy>
From: John Levine <johnl@taugh.com>
To: ietf-smtp@ietf.org
Cc: jgh@wizmail.org
In-Reply-To: <dbfa2ca5-1182-43c9-4964-2ae1484c881e@wizmail.org>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/IKimoEi7_7iZlDJAma7qbyWAGac>
It appears that Jeremy Harris <jgh@wizmail.org> said:
>On 08/05/2021 15:03, patrick.peisker=40protonmail.com@dmarc.ietf.org wrote:
>> In order to address this interoperability issue in a standards-centric approach, the proposal is the addition of
>> a new SMTP command to allow the retrieval of a recipient's public key prior to the transmission of a mail. This
>> will enable the sender to encrypt the email content before the same is transmitted through the existing SMTP
>> commands.
>
>This requires the MUA to be a full MTA not just an MSA passing off outbound
>traffic to a real MTA,

Not the current usual architecture. It also treats mail providers like Google and Comcast as "end users", which seems quite wrong.

We have had standard ways to encrypt mail with S/MIME and PGP for a long time. It happens in the MUA, so the MTAs are outside the trust boundaries and see only an encrypted blob of data. S/MIME is widely supported on desktop and mobile MUAs (Apple Mail on an iPad, for example) but hardly anyone uses it, which should tell us something.

There are no standard ways to look up S/MIME or PGP public keys because secure key lookup is a very difficult problem. How do you know you are talking to the "real" key server? Why do you believe what it tells you? PGP has its web-of-trust, which we have repeatedly learned does not scale beyond tiny niche communities. S/MIME is TOFU; if I send you a signed message, it includes my public key, and MUAs remember the key in the address book so you can encrypt mail to me.

Given our decades of failure getting people to use e2e encrypted mail, I don't see any point in doing it again. On the other hand, channel encryption with STARTTLS is now nearly universal since it doesn't depend on users to do anything.

R's,
John
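The TOFU key handling John describes for S/MIME, sketched as an added example (not code from the post or from any MUA): a hypothetical address-book store that pins the first key seen in a signed message from each sender and flags a later, different key, while being unable to tell a legitimate rotation from a substitution. Key bytes are constructed placeholders, not real DER.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class TofuKeyStore:
    """Hypothetical address book that remembers the first public key seen
    per sender, the way an MUA caches the certificate from a signed message."""
    pins: dict = field(default_factory=dict)

    @staticmethod
    def fingerprint(public_key_der: bytes) -> str:
        # Pin a SHA-256 digest of the DER-encoded key rather than the key itself.
        return hashlib.sha256(public_key_der).hexdigest()

    def observe(self, sender: str, public_key_der: bytes) -> str:
        """Record or check the key carried by a signed message from `sender`.

        Returns:
          "pinned"   first key ever seen for this sender (trusted on first use)
          "match"    same key as the one already pinned
          "mismatch" a different key: rotation or substitution, the store cannot
                     tell, so it keeps the old pin and leaves the decision to a user
        """
        fp = self.fingerprint(public_key_der)
        sender = sender.strip().lower()
        pinned = self.pins.get(sender)
        if pinned is None:
            self.pins[sender] = fp
            return "pinned"
        return "match" if pinned == fp else "mismatch"

    def encryption_key_for(self, recipient: str):
        """Fingerprint to encrypt to, or None if no signed mail was ever seen."""
        return self.pins.get(recipient.strip().lower())


# Constructed sample inputs standing in for keys extracted from signed mail.
ALICE_KEY_1 = b"constructed-der-bytes-alice-key-1"
ALICE_KEY_2 = b"constructed-der-bytes-alice-key-2"


def demo():
    store = TofuKeyStore()
    results = [
        store.observe("Alice@Example.org", ALICE_KEY_1),  # first use: pinned
        store.observe("alice@example.org", ALICE_KEY_1),  # same key: match
        store.observe("alice@example.org", ALICE_KEY_2),  # new key: mismatch
    ]
    return results, store.encryption_key_for("alice@example.org")
```

The mismatch case is the part the post's "how do you know" questions point at: nothing in the message itself lets the store decide which key is genuine.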