Re: Proposed Proposed Statement on e-mail encryption at the IETF
John C Klensin <john-ietf@jck.com> Thu, 04 June 2015 07:45 UTC
Return-Path: <john-ietf@jck.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E4511ACF1D for <ietf@ietfa.amsl.com>; Thu, 4 Jun 2015 00:45:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.31
X-Spam-Level:
X-Spam-Status: No, score=-2.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8dRXrYP_TWEN for <ietf@ietfa.amsl.com>; Thu, 4 Jun 2015 00:45:20 -0700 (PDT)
Received: from bsa2.jck.com (ns.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3DFE1ACED5 for <ietf@ietf.org>; Thu, 4 Jun 2015 00:45:19 -0700 (PDT)
Received: from [198.252.137.35] (helo=JcK-HP8200.jck.com) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john-ietf@jck.com>) id 1Z0Ppx-000C9g-Tf; Thu, 04 Jun 2015 03:45:13 -0400
Date: Thu, 04 Jun 2015 03:45:08 -0400
From: John C Klensin <john-ietf@jck.com>
To: Hector Santos <hector.santos45@yahoo.com>, Måns Nilsson <mansaxel@besserwisser.org>, Joe Abley <jabley@hopcount.ca>
Subject: Re: Proposed Proposed Statement on e-mail encryption at the IETF
Message-ID: <2CA50C9A80A6D72C8D57630D@JcK-HP8200.jck.com>
In-Reply-To: <556F5206.5090006@yahoo.com>
References: <DD88F4E4-6BBA-4610-BB49-3158A26DF55B@hopcount.ca> <20150602152432.GE5551@besserwisser.org> <556F5206.5090006@yahoo.com>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.35
X-SA-Exim-Mail-From: john-ietf@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/7ehGs_qW2igQWqW_CHpg5gyNAjE>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jun 2015 07:45:21 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --On Wednesday, June 03, 2015 15:14 -0400 Hector Santos <hector.santos45@yahoo.com> wrote: > On 6/2/2015 11:24 AM, Måns Nilsson wrote: >> The above benefits of signing apply roughly equally well to >> both methods. /Måns, signing all outgoing e-mail. If e-mail >> from me is not signed, something is fishy. > > But if you are not signing the mail yourself, its already > "fishy." Or do you mean sign by some trusted 3rd party and > wish for others to trust as well? Hector, I assume he meant "signed by some mechanism, including key certification, that most recipients would have reason to trust". Now that raises a lot of issues, some of which interact with claims that HTTPS provides significant data integrity protection. I wish that, at least as a demonstration matter, more MUAs made it easy to create a security-based whitelist for incoming mail to particular mailbox or folders, e.g., to reject anything that was not signed in a key that was either stored and certified locally or that was certified by a CA that the user had chosen to trust. In addition to allowing some noise-free (as well as merely spam-free) folders, it would help the broader community understand the limitations of such approaches. For example, we could not use it for the IETF list and preserve the position that anyone could post and that pseudononymous postings were ok. I also note that "PGP key signing parties" used to be a regular feature at almost every IETF meeting. If we were serious about secure communications (not just email) within the IETF community, we would reinstitute those, review signing criteria and create some guidelines, and make sure we could get X.509 certs issued/signed too, if necessary in an IETF or ISOC tree. If we were trying to make good demonstrations for the wider community, we would move in those sorts of directions. We might also pick up on Måns's "if it isn't signed, it isn't from me" assertion and modify our various protocols for domain-based assertions about mail to allow "if something claims to come from this domail and its content isn't digitally signed using method X, it is bogus" assertions. Lots of things we could be doing. Or we can contribute to the repertoire of security theater and make our lives harder in the process. regards, john -----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.0 (Build 8741) Charset: utf-8 wj8DBQFVcAHo5pJ/EbOJ8NoRAoJyAKCERi9i+hicycOBc+Mc5zgxKEGh8QCfZJWx V6JIsVatL3bA/LnpUv9xNbA= =VMXb -----END PGP SIGNATURE-----
- Proposed Proposed Statement on e-mail encryption … Joe Abley
- RE: Proposed Proposed Statement on e-mail encrypt… MH Michael Hammer (5304)
- Re: Proposed Proposed Statement on e-mail encrypt… Russ Housley
- Re: Proposed Proposed Statement on e-mail encrypt… Jari Arkko
- Re: Proposed Proposed Statement on e-mail encrypt… Stephen Farrell
- Re: Proposed Proposed Statement on e-mail encrypt… Xiaoyin Liu
- Re: Proposed Proposed Statement on e-mail encrypt… Xiaoyin Liu
- Re: Proposed Proposed Statement on e-mail encrypt… Joe Abley
- Re: Proposed Proposed Statement on e-mail encrypt… Hector Santos
- Re: Proposed Proposed Statement on e-mail encrypt… Phillip Hallam-Baker
- Re: Proposed Proposed Statement on e-mail encrypt… Joe Abley
- Re: Proposed Proposed Statement on e-mail encrypt… Måns Nilsson
- Re: Proposed Proposed Statement on e-mail encrypt… John Levine
- Re: Proposed Proposed Statement on e-mail encrypt… John Levine
- Re: Proposed Proposed Statement on e-mail encrypt… Paul Hoffman
- Re: Proposed Proposed Statement on e-mail encrypt… Nico Williams
- Re: Proposed Proposed Statement on e-mail encrypt… Nico Williams
- Re: Proposed Proposed Statement on e-mail encrypt… Phillip Hallam-Baker
- Re: Proposed Proposed Statement on e-mail encrypt… Joe Abley
- Re: Proposed Proposed Statement on e-mail encrypt… Joe Abley
- Re: Proposed Proposed Statement on e-mail encrypt… Paul Hoffman
- Re: Proposed Proposed Statement on e-mail encrypt… Joe Abley
- Re: Proposed Proposed Statement on e-mail encrypt… Paul Wouters
- Re: Proposed Proposed Statement on e-mail encrypt… Måns Nilsson
- Re: Proposed Proposed Statement on e-mail encrypt… Matt Mathis
- Re: Proposed Proposed Statement on e-mail encrypt… Brian E Carpenter
- Re: Proposed Proposed Statement on e-mail encrypt… Phillip Hallam-Baker
- Re: Proposed Proposed Statement on e-mail encrypt… Warren Kumari
- Re: Proposed Proposed Statement on e-mail encrypt… Hector Santos
- Re: Proposed Proposed Statement on e-mail encrypt… Måns Nilsson
- Re: Proposed Proposed Statement on e-mail encrypt… John C Klensin
- Re: Proposed Proposed Statement on e-mail encrypt… Joe Abley
- Re: Proposed Proposed Statement on e-mail encrypt… Glen