Re: On email and web security

George Michaelson <ggm@algebras.org> Thu, 14 January 2016 06:35 UTC

Return-Path: <ggm@algebras.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85D0C1B2A66 for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 22:35:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id trglZIngqsOJ for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 22:35:20 -0800 (PST)
Received: from mail-qg0-x235.google.com (mail-qg0-x235.google.com [IPv6:2607:f8b0:400d:c04::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B39051B2A1C for <ietf@ietf.org>; Wed, 13 Jan 2016 22:35:20 -0800 (PST)
Received: by mail-qg0-x235.google.com with SMTP id b35so343303603qge.0 for <ietf@ietf.org>; Wed, 13 Jan 2016 22:35:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=algebras-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=jxrBtslBLyet93nDg5iskyXmypeGAYSu2AKkZVuaZW8=; b=lblF46+6qpwQQxzQ9ipAmJ9sOEBnW8br6AXxVA5BQrsGbtvOJqIMeuynH6F6ccaUUF D/Bsjg3/d/C4IBWdOy56BdGNd1Ncujs+fUPBiNrwhvyKNJNIXA9YzHoeSqhus0GvJsku Bf06Ibhldhz39cheEL1ii9nRMl6+Y5qY5bnz77ggVXXm8ht3vy0nFoQBbqdD7SLWoNlF G0HzULudFYBUpdPKL6UxXp6xTDEdHU822udo2K4gL2gPb1K92O/vqBh54vky4PxsmuxQ X8eQRbapT/RRgb9hd5+QUXng3m+frA0mFAKB3ZggHBh7f9D2wK7PNBFgE8Ij4mSWh7X9 r2yA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=jxrBtslBLyet93nDg5iskyXmypeGAYSu2AKkZVuaZW8=; b=gbUmOwCVsUshvxBI/wQz1QmSa7xRf6Jyyhs9+Z2botGHwY8KKDe3KGDQYniu4s6h4x 5MkzLaQmc90C6EoRdFRxv+igIcJYOajwhyKNZhX0jN9f67qLZZgwlMDclobHExtgyFl5 EEqNsJgip5wsdpyuKvcV/0XTZ2m29Rv3c2hT0X9V3gThUQFkHYAA7YgI1eOAMw5yPDfg CjnFK9m+mPceDyV+4qWN2EKoBfhGb8oyT+FXoMqOUIGXZOX2O4u4dZWl486iVkv42BNo 865WhiuCsLifxN6GyOMB4D4iDrbaavFKqUy6J8uGRnZYGB97xeceQP9y+vXupoE0bkJ4 sF/w==
X-Gm-Message-State: ALoCoQmWCXuHyZBTS9LOajyYEG9mYWnKSzOF5EwERGspOYbH53/zDuPF9+mOODkMRBF2kA31qllP989R9vDt3Kp/GA13E01adg==
MIME-Version: 1.0
X-Received: by 10.140.155.87 with SMTP id b84mr2905224qhb.29.1452753319760; Wed, 13 Jan 2016 22:35:19 -0800 (PST)
Received: by 10.55.103.214 with HTTP; Wed, 13 Jan 2016 22:35:19 -0800 (PST)
X-Originating-IP: [2001:dc0:a000:4:40f3:baaf:b107:23a2]
In-Reply-To: <CAMm+LwjtY8REViD2xO3i6qzrU322jKavBXuEYHUZE++WMAooOw@mail.gmail.com>
References: <5696ED21.6000805@dougbarton.us> <20160114024314.66977.qmail@ary.lan> <CAMm+LwjtY8REViD2xO3i6qzrU322jKavBXuEYHUZE++WMAooOw@mail.gmail.com>
Date: Thu, 14 Jan 2016 16:35:19 +1000
Message-ID: <CAKr6gn2Pkgwz9PZkT8Ma6Fn5kmD6Ea3kZC14Cu8Ef6GpCCS=1g@mail.gmail.com>
Subject: Re: On email and web security
From: George Michaelson <ggm@algebras.org>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Content-Type: multipart/alternative; boundary="001a11399b969230950529457d06"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/EiIHd5kZX7dh8yRuMKHGgySI1FQ>
Cc: John Levine <johnl@taugh.com>, IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jan 2016 06:35:22 -0000

I thought bloom filters + cryptography == group crypto.

(not a cryptographer, deep trawling memory of articles read many years ago)

On Thu, Jan 14, 2016 at 4:23 PM, Phillip Hallam-Baker <phill@hallambaker.com
> wrote:

> On Wed, Jan 13, 2016 at 9:43 PM, John Levine <johnl@taugh.com> wrote:
> >>Well the question I responded to was wondering if there was a way to
> >>have the list software re-encrypt to the members without being able to
> >>decrypt the message first. If I understand correctly, you're saying that
> >>S/MIME can't do that either?
> >
> > Not unless there is something hidden inside all of the X.509 glop that
> > I'm unaware of.  Message bodies are encrypted with a session key
> > which is in turn encrypted with the public keys of the message
> > recipients.  Nothing magic there.
>
> You end up having to modify the clients that decrypt the messages.
>
> The sender merely needs to use an encryption scheme that is based on
> an algorithm that there is a recryption scheme for. I have only seen
> Diffie Hellman based schemes. But since the receiver code is likely to
> be for the new CFRG ECDH algorithms, you are backed up on the sender
> and receiver side.
>
> There are probably ways you could shoehorn this into S/MIME and
> OpenPGP but why not do the job right and extend wherever necessary?
> the client code has to change anyway.
>
>