Re: pgp signing in van

Ted Lemon <Ted.Lemon@nominum.com> Mon, 09 September 2013 14:05 UTC

From: Ted Lemon <Ted.Lemon@nominum.com>
To: IETF discussion list <ietf@ietf.org>
Subject: Re: pgp signing in van
Date: Mon, 09 Sep 2013 13:58:34 +0000

On Sep 9, 2013, at 8:43 AM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>> What's the upside to signing my email?  I know why I want everybody I
>> know to sign my email, but what's the upside for me if I do it?  Until
>> there's a clear win, it's not going to happen.
> 
> It's what establishes the reputation of the key that signs your email.
> That's why having people show up to an IETF PGP signing party, when those
> people haven't been using the key is useless.   If we think that IETF
> is a meritocracy, then it doesn't matter what your government ID is.
> 
> It matters what you said on the mailing list.

On Sep 9, 2013, at 12:28 AM, l.wood@surrey.ac.uk wrote:
> There is no upside.
> 
> By signing your mail you lose plausible deniability, remove legal doubt as to what you said...

Your checks are in the mail.

Seriously, this perfectly illustrates the reason why PGP hasn't seen widespread deployment: it doesn't address a use case that anybody understands or cares about, and it appears to address a use case that people actually would like to avoid.

Here is the current use model for PGP:

(1) I generate a key and sign all my email with it
(2) People reading my email see an obscure indicator somewhere in my email that indicates that it was signed by either an unknown key (nearly always) or a known key (I don't even know what that looks like)
(3) ???
(4) WIN!

First of all, this does nothing to preserve privacy, so I don't know why we're even talking about it. PGP in principle could be used to encrypt communication, but because we don't really have an agreed-upon trust model, this is a use case that only occurs when people are _highly motivated_ to protect their privacy, and that's not most people, and not most of the time.

This stuff matters. Thinking about the use model for the tools we build is _the most important aspect_ of protecting people's privacy. If we don't think about these things, we're just producing cool toys that will never see general use.

I can actually describe a use model for PGP that accomplishes what Michael wants without accomplishing what Lloyd doesn't want, but let's leave that for another conversation. The point I wanted to make is very simply that if we don't think about use models, we will never get to (4).