Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)
Keith Moore <moore@network-heretics.com> Tue, 03 May 2022 11:03 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 808E3C157B51 for <ietf@ietfa.amsl.com>; Tue, 3 May 2022 04:03:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.745
X-Spam-Level:
X-Spam-Status: No, score=-3.745 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-1.857, RCVD_IN_DNSWL_BLOCKED=0.001, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iCzOJ60f1kg1 for <ietf@ietfa.amsl.com>; Tue, 3 May 2022 04:03:24 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B6D1C159487 for <ietf@ietf.org>; Tue, 3 May 2022 04:03:19 -0700 (PDT)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 585865C0074; Tue, 3 May 2022 07:03:18 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Tue, 03 May 2022 07:03:18 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1651575798; x=1651662198; bh=HwWRRshjIYAij3ehI+Xmgz/RY+Fc rNU5cLQKqTxiI6E=; b=DlOBrpBNsgHSFbk9Hxk9Njc7OeKhndjfK3St6G0k/ulL xJxS2UfIDgckkjP5ExR6GcEuC08+X9Fm9Xj9ebDQroLOvhqJIlME/16WkbuxUo4F RtiAExfJ9ECUeMP2YqyeRKEjLYYinsseyysVPbuzKf+At4M13hi1NfvTaIB+u3Ui VYmAwYdGPNO/nwQhH5hyM3C/qGcLq+6kKxhsfYcIHANm8OLwF80/F6sPkA6NYeqK Ho2cjKhxSVFqiJMPiJcONnX0MwNox4JrDD0Aps2vykQZ0drVi5PqcFf+VPUAqE/f NSkzhbKbgyBsjIEAhBehAibDULcdJKe6gtYrO10oRQ==
X-ME-Sender: <xms:9gtxYpZ40NdPogBHT4YXdLG5fJqowFQfJE4DJ-Si6N73gwHOJ81Dmw> <xme:9gtxYgY4WLY80ZHcet8U52e6r7QS8AG5iPhXwLEHX8U_iAwIb1KsV1uiKa3dJBIR3 YSIZqTVsEHxkA>
X-ME-Received: <xmr:9gtxYr-WzbatTiZu2MMmbZqo25u5RTuPEvGusDJOulgnu7VWsKPWjFGOMXpWW3cxn88>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejgdefhecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefkffggfgfuvfhfhfgjtgfgsehtkeertddtfeejnecuhfhrohhmpefmvghithhh ucfoohhorhgvuceomhhoohhrvgesnhgvthifohhrkhdqhhgvrhgvthhitghsrdgtohhmqe enucggtffrrghtthgvrhhnpeeftddvleeijeevkeejhfeuudehveeihfejfedvgfduhfff hfduuddufeeggfetveenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqdhhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:9gtxYno18GlJhbFpR_Lx87pMfPmFHmiUYn_YCO_CrQyActi_Y8fUZQ> <xmx:9gtxYkolDkAmJIIGLVxR1JEsVBlpjlGU5xazPB9ldo2wEU81wjK9OA> <xmx:9gtxYtT4pAgf3cySxuZuClUpdb9LAtW1l255ss31vSHAlxfg8nFZ8Q> <xmx:9gtxYqElzY4L9c_qzKPE8Tf0ViS-waHejPdR_HQ0bGaTkZjLU_kKOQ>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 3 May 2022 07:03:17 -0400 (EDT)
Message-ID: <626afa87-e280-d5db-e2b9-8b72cfd2c36f@network-heretics.com>
Date: Tue, 03 May 2022 07:02:59 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0
Subject: Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)
Content-Language: en-US
To: Christian Huitema <huitema@huitema.net>, ietf@ietf.org
References: <dcc27c29-51f8-c2a4-8ce4-ee1a3c6cb017@nostrum.com> <AAE3C51B-0150-483C-8244-3D60BC31B19A@tzi.org> <2c5df733-0f86-d319-b886-81882328caa9@network-heretics.com> <1870005490.14504.1651151102962@appsuite-gw1.open-xchange.com> <t4f3j1$1mpc$1@gal.iecc.com> <626060406.28268.1651487745123@appsuite-gw1.open-xchange.com> <2480fd36-c16a-6d98-ddac-15d02259ffbe@taugh.com> <837df6ce-a771-ff2f-515b-1021cc242c23@network-heretics.com> <0abc737b-839a-ba8e-88c2-64b7f069a9c7@huitema.net>
From: Keith Moore <moore@network-heretics.com>
In-Reply-To: <0abc737b-839a-ba8e-88c2-64b7f069a9c7@huitema.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/547pwICJtO1EPPS4CTlSCXSdDnQ>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 May 2022 11:03:28 -0000
On 5/3/22 01:59, Christian Huitema wrote: > > There are many technical problems, but there also some pretty > fundamental User Interaction issues. The way I think of this problem > is "I want to find the electronic address of the person whom I call > Alice Example". That kind of name is not unique in general, but it is > unique enough for me -- cryptographers often refer to this as a "pet > name". Doing that in a centralized service is hard. You have to assume > that a variety of phishers are going to try insert their own set of > metadata in the service database. I might have better chances asking > my friends, who may well understand who I refer to as "Alice Example". > And maybe we could develop some kind of friend-to-friend service > overlaid over a social network. But if we are not careful, it will be > easy to leave enough holes to let a whole raft of phishermen through... Sure, but even without the problem of key discovery, if you're going to send mail to Alice Example, you have to find her email address anyway, which is globally-unique. Somehow we have managed to do that for decades without a global directory. So I don't think it's necessary to solve the directory problem to solve the problem of key discovery. And if you have an email address, you can use a DNS lookup (maybe DoH) on the domain name portion of that address to find an oracle that's associated with that domain name. And you can use some protocol that uses TLS and X.509 certs to verify that you're talking to the authoritative server for that domain name. So the key lookup service doesn't have to be centralized, which simplifies things a bit. But I certainly agree that there are some pretty fundamental user interaction issues to be sorted out, even without tackling the directory problem. Keith
- Service outages planned for April 25 Robert Sparks
- Re: Service outages planned for April 25 Robert Sparks
- Re: Service outages planned for April 25 tom petch
- Re: Service outages planned for April 25 Jay Daley
- Re: Service outages planned for April 25 Keith Moore
- Re: Service outages planned for April 25 Carsten Bormann
- Re: Service outages planned for April 25 Keith Moore
- Re: Service outages planned for April 25 Carsten Bormann
- Re: Service outages planned for April 25 Keith Moore
- Email and reputation (was Re: Service outages pla… Vittorio Bertola
- Re: Email and reputation (was Re: Service outages… Keith Moore
- Re: Mail is worse than everything except all the … John Levine
- Re: the introduction problem, was Email and reput… John Levine
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … Phillip Hallam-Baker
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … John R Levine
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … touch@strayalpha.com
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … Viktor Dukhovni
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … touch@strayalpha.com
- Re: Mail is worse than everything except all the … Keith Moore
- Re: the introduction problem, was Email and reput… Vittorio Bertola
- Re: the introduction problem, was Email and reput… John R Levine
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Christian Huitema
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Michael Richardson
- Re: the introduction problem, was Email and reput… Laurence Lundblade
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… John Levine
- Re: the introduction problem, was Email and reput… Lyndon Nerenberg (VE7TFX/VE6BBM)
- Re: mail crypto, was the introduction problem, wa… John Levine
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… Christopher Morrow
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… John Levine
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… Christopher Morrow
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Deployment strategy for email+ Was: Mail is worse… Phillip Hallam-Baker
- Re: mail crypto, was the introduction problem, wa… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… John Levine
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… John R Levine
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Trying to do too much (was Re: the introduction p… Jim Fenton
- Re: Trying to do too much (was Re: the introducti… lloyd.wood@yahoo.co.uk
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Michael Richardson
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: potable e-mail, now Trying to do too much (wa… John Levine
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: potable e-mail, now Trying to do too much (wa… Michael Richardson
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: portable e-mail, now Trying to do too much (w… John R Levine
- Re: potable e-mail, now Trying to do too much (wa… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: potable e-mail, now Trying to do too much (wa… Masataka Ohta
- Re: portable e-mail, now Trying to do too much (w… Michael Richardson
- Re: portable e-mail, now Trying to do too much (w… John Levine
- Re: portable e-mail, now Trying to do too much (w… Michael Richardson
- We are not a mail forwarding service Carsten Bormann
- Re: We are not a mail forwarding service John R Levine
- ugly hacks (was: Re: We are not a mail forwarding… Keith Moore
- Re: ugly hacks (was: Re: We are not a mail forwar… John Levine
- Re: ugly hacks (was: Re: We are not a mail forwar… Keith Moore
- Re: We are not a mail forwarding service Robert Sparks
- Re: We are not a mail forwarding service Carsten Bormann
- Re: portable e-mail, now Trying to do too much (w… Phillip Hallam-Baker
- Re: potable e-mail, now Trying to do too much (wa… Phillip Hallam-Baker
- Re: portable e-mail, now Trying to do too much (w… Keith Moore
- Re: portable e-mail, now Trying to do too much (w… Phillip Hallam-Baker