Re: How are S/MIME private keys handled across MUAs?
Al Arsenault <a.arsenault.81@gmail.com> Thu, 17 August 2017 13:59 UTC
Return-Path: <a.arsenault.81@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CBDBB132063 for <ietf@ietfa.amsl.com>; Thu, 17 Aug 2017 06:59:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.448
X-Spam-Level:
X-Spam-Status: No, score=-2.448 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T_JCpGH5NYt1 for <ietf@ietfa.amsl.com>; Thu, 17 Aug 2017 06:59:35 -0700 (PDT)
Received: from mail-io0-x229.google.com (mail-io0-x229.google.com [IPv6:2607:f8b0:4001:c06::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45C7C126BFD for <ietf@ietf.org>; Thu, 17 Aug 2017 06:59:35 -0700 (PDT)
Received: by mail-io0-x229.google.com with SMTP id m88so23145098iod.2 for <ietf@ietf.org>; Thu, 17 Aug 2017 06:59:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=NQKKS4ChuPfXmaeA8sRg7ADA7IlgT4PpKO5yXiki5CM=; b=XfPTbHqJJCdz+7rDu4MZbns8Tzv9imv0SqJGsbMNwffuA7ZhTZO/GQ72Xzk/LFkojQ 2Xfehdf89vdT4WC1HhE+00oEtloLVpPiyTgtFhXIN/IN5jEUqaUhgWxL4I+kMdgqEq+p ExaJCFTayhvZYtsY3QrWtt7a70+gRoN58ztm9rpOZJQTUPeJrg0GjKALiAL2THzKKS8O g0wwvaF5YlqsjVjFS4cyLzlj5hYYoK3zPsCBaiUg3w5YxQAwopT/d69e5Y59pTZ9LBwJ WFE6SraUZOeu4P0NMCri5bE0N87/2e5qEeO6ArQO7Kd54+VCHUvYE3ddFuqTqhkW8av9 lyVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=NQKKS4ChuPfXmaeA8sRg7ADA7IlgT4PpKO5yXiki5CM=; b=q9XgRZ3DqHCBFS1Dd8MC3NQDAn0U1EGDQO7BPziEg2thwgrbKk2PvziJs6lTmcz2cL 0NiQuH5UikPNBg+zq9Xjg72QzQVf1Wkhvru/g+pr8oeqViClB+WuirYt/YvWXR/TVCR6 VqYsHM8gbb8LWlib8FCLz0o/xFYGabIdIGMPZzo0sWsrNXH6neVk+M4G0K/47C6KI3y0 3dwDGDiKw1zaHn8JheLWZMv6eJfjJ4NX7+cYx40j+hECxLkKbi9VlWUDlACtzEjRz761 8HKbMemDJwbZQPmh7z6tU3Q4QmnpBeLNU0xCTsoX7y2hdIgPOV1rUdR0yd/MJ/5dHIHx zCyA==
X-Gm-Message-State: AHYfb5gsqNTL+T07YIuItCi4njcopihxZxjQ5pIiAbFradfFKnlDtCVI zNDaRc5RlCArJwU9qnlISePsVWCNHA==
X-Received: by 10.107.132.148 with SMTP id o20mr5276048ioi.296.1502978374721; Thu, 17 Aug 2017 06:59:34 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.8.67 with HTTP; Thu, 17 Aug 2017 06:59:33 -0700 (PDT)
In-Reply-To: <CAKHUCzyT_ObRPzgTMFpChtvLE+vzBbkWqt7iMqHGL77C2nYxBQ@mail.gmail.com>
References: <CACZ1GiqT6iANkgpDjh-+43pGUY0uEnPdaDnwecBj66S4igTPxA@mail.gmail.com> <CAKHUCzyT_ObRPzgTMFpChtvLE+vzBbkWqt7iMqHGL77C2nYxBQ@mail.gmail.com>
From: Al Arsenault <a.arsenault.81@gmail.com>
Date: Thu, 17 Aug 2017 09:59:33 -0400
Message-ID: <CAEC7viCi6LBi4FU08M_n4x6bt7sp5E9Mdyi8L1u2GkKzbdLzMw@mail.gmail.com>
Subject: Re: How are S/MIME private keys handled across MUAs?
To: Dave Cridland <dave@cridland.net>
Cc: vaibhav singh <vaibhavsinghacads@gmail.com>, "ietf@ietf.org Discussion" <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="001a113f396a2165950556f36c08"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/FiMxEgmdoSXSJFFsY_noLgd3AJ0>
X-Mailman-Approved-At: Thu, 17 Aug 2017 13:02:33 -0700
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Aug 2017 13:59:38 -0000
It's a decade in the past, but the entire SACRED working group was established to address this exact problem. See e.g. RFC 3767. https://www.rfc-editor.org/rfc/rfc3767.txt On Thu, Aug 17, 2017 at 3:46 AM, Dave Cridland <dave@cridland.net> wrote: > > > On 16 Aug 2017 19:50, "vaibhav singh" <vaibhavsinghacads@gmail.com> wrote: > > Hi, > I was looking at RFCs for S/MIME, and had a question: What if I am logged > into multiple clients(my mobile, a web application, Thunderbird) with an > email account, and I receive an encrypted email? > > I can see that the encrypted email would be created with my public key, > and, assuming one public key for one email account, I will have one private > key which I will somehow make use of across all my MUAs. I could not think > of a simple way using which I will be able to sync my private key. > > Is there any good way of sharing private keys across clients (maybe some > way of securely syncing files)? How do corporate clients resolve this > issue? Is there an RFC which I may have to refer to? > > Another line of thinking; is it possible to create key pairs > (triplets?quadruplets?) wherein there could be multiple private keys > generated for a single public key? And, what about the other way round? > > > As Russ says, the traditional way of handling this is to encrypt the > private key and send it around each client. > > Another way would be to use PRE here (see Phillip Hallam-Baker's link sent > in the other thread), so that the key other people actually get is a Proxy > key, and each client has a proxy-decryptor key of its own - one special > client, with a stronger security stance, would be acting as the Proxy > Admin. There's little practical advantage in this, except that should one > client be compromised, you could revoke just that decryptor key. You do > need the re-encryption key to be held somewhere other than the clients, > though, since otherwise you can obtain the Proxy's private key through a > client compromise. > > One thing that really doesn't work well here is if you want to use > hardware-backed cryptography (HSM, smartcards, etc). Here, you'd ideally > use a PRE mechanism again, but one in which the proxy re-encrypted to a > specific key (Phillip Hallam-Baker's scheme will not do this). The closest > I can get here in practical terms is to keep the decryptor keys encrypted > using a HSM-backed private key, which isn't - quite - the same. > > Of course, without PRE involved, if you want to use an HSM then you can > only decrypt your email in the one client you have the HSM at, which makes > things logistically frustrating. > > Dave. > > > > -- > > Regards, > Vaibhav Singh > > >
- How are S/MIME private keys handled across MUAs? vaibhav singh
- Re: How are S/MIME private keys handled across MU… Russ Housley
- Re: How are S/MIME private keys handled across MU… Dave Cridland
- Re: How are S/MIME private keys handled across MU… Al Arsenault