Re: On email and web security
George Michaelson <ggm@algebras.org> Thu, 14 January 2016 06:35 UTC
Return-Path: <ggm@algebras.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85D0C1B2A66 for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 22:35:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id trglZIngqsOJ for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 22:35:20 -0800 (PST)
Received: from mail-qg0-x235.google.com (mail-qg0-x235.google.com [IPv6:2607:f8b0:400d:c04::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B39051B2A1C for <ietf@ietf.org>; Wed, 13 Jan 2016 22:35:20 -0800 (PST)
Received: by mail-qg0-x235.google.com with SMTP id b35so343303603qge.0 for <ietf@ietf.org>; Wed, 13 Jan 2016 22:35:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=algebras-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=jxrBtslBLyet93nDg5iskyXmypeGAYSu2AKkZVuaZW8=; b=lblF46+6qpwQQxzQ9ipAmJ9sOEBnW8br6AXxVA5BQrsGbtvOJqIMeuynH6F6ccaUUF D/Bsjg3/d/C4IBWdOy56BdGNd1Ncujs+fUPBiNrwhvyKNJNIXA9YzHoeSqhus0GvJsku Bf06Ibhldhz39cheEL1ii9nRMl6+Y5qY5bnz77ggVXXm8ht3vy0nFoQBbqdD7SLWoNlF G0HzULudFYBUpdPKL6UxXp6xTDEdHU822udo2K4gL2gPb1K92O/vqBh54vky4PxsmuxQ X8eQRbapT/RRgb9hd5+QUXng3m+frA0mFAKB3ZggHBh7f9D2wK7PNBFgE8Ij4mSWh7X9 r2yA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=jxrBtslBLyet93nDg5iskyXmypeGAYSu2AKkZVuaZW8=; b=gbUmOwCVsUshvxBI/wQz1QmSa7xRf6Jyyhs9+Z2botGHwY8KKDe3KGDQYniu4s6h4x 5MkzLaQmc90C6EoRdFRxv+igIcJYOajwhyKNZhX0jN9f67qLZZgwlMDclobHExtgyFl5 EEqNsJgip5wsdpyuKvcV/0XTZ2m29Rv3c2hT0X9V3gThUQFkHYAA7YgI1eOAMw5yPDfg CjnFK9m+mPceDyV+4qWN2EKoBfhGb8oyT+FXoMqOUIGXZOX2O4u4dZWl486iVkv42BNo 865WhiuCsLifxN6GyOMB4D4iDrbaavFKqUy6J8uGRnZYGB97xeceQP9y+vXupoE0bkJ4 sF/w==
X-Gm-Message-State: ALoCoQmWCXuHyZBTS9LOajyYEG9mYWnKSzOF5EwERGspOYbH53/zDuPF9+mOODkMRBF2kA31qllP989R9vDt3Kp/GA13E01adg==
MIME-Version: 1.0
X-Received: by 10.140.155.87 with SMTP id b84mr2905224qhb.29.1452753319760; Wed, 13 Jan 2016 22:35:19 -0800 (PST)
Received: by 10.55.103.214 with HTTP; Wed, 13 Jan 2016 22:35:19 -0800 (PST)
X-Originating-IP: [2001:dc0:a000:4:40f3:baaf:b107:23a2]
In-Reply-To: <CAMm+LwjtY8REViD2xO3i6qzrU322jKavBXuEYHUZE++WMAooOw@mail.gmail.com>
References: <5696ED21.6000805@dougbarton.us> <20160114024314.66977.qmail@ary.lan> <CAMm+LwjtY8REViD2xO3i6qzrU322jKavBXuEYHUZE++WMAooOw@mail.gmail.com>
Date: Thu, 14 Jan 2016 16:35:19 +1000
Message-ID: <CAKr6gn2Pkgwz9PZkT8Ma6Fn5kmD6Ea3kZC14Cu8Ef6GpCCS=1g@mail.gmail.com>
Subject: Re: On email and web security
From: George Michaelson <ggm@algebras.org>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Content-Type: multipart/alternative; boundary="001a11399b969230950529457d06"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/EiIHd5kZX7dh8yRuMKHGgySI1FQ>
Cc: John Levine <johnl@taugh.com>, IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Jan 2016 06:35:22 -0000
I thought bloom filters + cryptography == group crypto. (not a cryptographer, deep trawling memory of articles read many years ago) On Thu, Jan 14, 2016 at 4:23 PM, Phillip Hallam-Baker <phill@hallambaker.com > wrote: > On Wed, Jan 13, 2016 at 9:43 PM, John Levine <johnl@taugh.com> wrote: > >>Well the question I responded to was wondering if there was a way to > >>have the list software re-encrypt to the members without being able to > >>decrypt the message first. If I understand correctly, you're saying that > >>S/MIME can't do that either? > > > > Not unless there is something hidden inside all of the X.509 glop that > > I'm unaware of. Message bodies are encrypted with a session key > > which is in turn encrypted with the public keys of the message > > recipients. Nothing magic there. > > You end up having to modify the clients that decrypt the messages. > > The sender merely needs to use an encryption scheme that is based on > an algorithm that there is a recryption scheme for. I have only seen > Diffie Hellman based schemes. But since the receiver code is likely to > be for the new CFRG ECDH algorithms, you are backed up on the sender > and receiver side. > > There are probably ways you could shoehorn this into S/MIME and > OpenPGP but why not do the job right and extend wherever necessary? > the client code has to change anyway. > >
- On email and web security Fred Baker (fred)
- Re: On email and web security Paul Wouters
- Re: On email and web security Kathleen Moriarty
- Re: On email and web security Fernando Gont
- Re: On email and web security IETF Chair
- Re: On email and web security John Levine
- Re: On email and web security Michael Richardson
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Royer
- Re: On email and web security Doug Royer
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security l.wood
- Re: On email and web security Steve Crocker
- Re: On email and web security John Levine
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Dave Cridland
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Doug Royer
- Re: On email and web security Matthew Kerwin
- Re: On email and web security Doug Royer
- Re: On email and web security John Levine
- Re: On email and web security Doug Barton
- Re: On email and web security John Levine
- Re: On email and web security Doug Barton
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security George Michaelson