IETF Logo Mail Archive

Re: Agenda, security, and monitoring

Phillip Hallam-Baker <hallam@gmail.com> Sun, 02 February 2014 15:34 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EBD11A00E4; Sun, 2 Feb 2014 07:34:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.099
X-Spam-Level:
X-Spam-Status: No, score=-0.099 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, LOTS_OF_MONEY=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wq8P6ik11BtZ; Sun, 2 Feb 2014 07:34:51 -0800 (PST)
Received: from mail-la0-x22c.google.com (mail-la0-x22c.google.com [IPv6:2a00:1450:4010:c03::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 73B861A00D9; Sun, 2 Feb 2014 07:34:50 -0800 (PST)
Received: by mail-la0-f44.google.com with SMTP id hr13so1064118lab.31 for <multiple recipients>; Sun, 02 Feb 2014 07:34:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=RKmJ+ke/O52ORii1zpz5dlnUXGtjnm/Wl29JEIUCCZc=; b=f8h/l4ZzfMGPBUIpb2cwd4Y1AWKClUsQBcLxVO7gxTDEe/TRwqb4Fexce3MlOasFCB bxaTIYqW6PNW6uDHS+YA0ruW6ulO6zM3nkEVEZrHcwe8awk5eGOBzzfygef7Guum8Fu7 24e/YIZZH/onFrINfLNXQIV8sBRBVe+sOTwLGrovvJzz9z382RA1/qJV/gAwqG3XVCYy XTDSoCJlbeTpB6TjqMxqflrjdk01iyHSvU6J/Qpxi0Oz9F1TyTTFdydQj3HrPX4LVHDn JKsuLHn0TagI8GQmz9gW0tjUJs2QsV6DSjHeug4qzEJD3UvscmKDduJ+FczAKYUYOZvC JLDg==
MIME-Version: 1.0
X-Received: by 10.152.161.234 with SMTP id xv10mr1336130lab.41.1391355285334; Sun, 02 Feb 2014 07:34:45 -0800 (PST)
Received: by 10.112.37.168 with HTTP; Sun, 2 Feb 2014 07:34:45 -0800 (PST)
In-Reply-To: <52EE07AC.2020701@dcrocker.net>
References: <19A23B84A41C1D4EA513F2C8@JcK-HP8200.jck.com> <52ED8496.6000006@dcrocker.net> <52EE065B.1050707@frobbit.se> <52EE07AC.2020701@dcrocker.net>
Date: Sun, 02 Feb 2014 10:34:45 -0500
Message-ID: <CAMm+LwjF_E7q1vbef6-sQ9wXYbtBsJEgny768iv4aNh1e5SSmw@mail.gmail.com>
Subject: Re: Agenda, security, and monitoring
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Dave Crocker <dcrocker@bbiw.net>
Content-Type: multipart/alternative; boundary="001a11345a0889f09f04f16e25c1"
Cc: John C Klensin <john-ietf@jck.com>, IETF Discussion Mailing List <ietf@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, Patrik Fältström <paf@frobbit.se>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Feb 2014 15:34:54 -0000

On Sun, Feb 2, 2014 at 3:54 AM, Dave Crocker <dhc@dcrocker.net> wrote:

> On 2/2/2014 12:48 AM, Patrik Fältström wrote:
>
>> On 2014-02-02 00:34, Dave Crocker wrote:
>>
>>> 1. It has demonstrated unacceptable usability for average users.
>>>
>>
>> At last my view and experience is that latest Enigmail and MacGPG is
>> making it usable.
>>
>> The key exchange is hard, but works really well in Enigmail+Thunderbird,
>> as key management is directly from mail read/compose window. Not in a
>> separate application.
>>
>
> You think that's a system that can and will be convenient and used by the
> mass market???
>
> So why isn't it already?


I address that in my video. Sorry, its not in text yet, but the argument is
not really part of the technical specifications.

The part that you don't state by name but imply is 'what is the business
model'. We are talking about a multi-million dollar change to the email
infrastructure. That is only justified if we can show a multi-billion
dollar return on the investment.

I think that there is such a return. If my bank, my doctor, my brokerage
can send mail and be assured that the transport is confidential end to end,
they can use email in more ways. SSL made Web commerce possible and added
roughly five trillion dollars to global GDP according to one estimate.
Email security can make Internet commerce better and simpler and sustain
that growth. Even if the additional benefits from making the other Internet
killer application secure are 1% of the Web benefits, that is a lot of
potential.


I see S/MIME and PGP as being 95% right respectively. The problem is that
Internet applications don't take off if they are 'pretty good' back in 1992
they had to be extremely good. And now they have to be exceptionally good.

Most of us have a box full of smartphones we bought before the iPhone came
out. The Palm Treo, HP iPaq and the Rim pager. They were all functional but
none of them had the real web, they were all walled gardens. Remember that
before the iphone the industry was flushing a billion dollars a year down
the WAP toilet in the confused belief that what cell phone users really
wanted was a dumbed down version of the Web with more adverts.

That missing 5% is critical. Specifically any new security scheme has to be
frictionless:

* Key Management: Has to make starting a key set simple and intuitive. The
user cannot be required to perform annual maintenance to replace expired
certificates. Everything has to be completely automatic.

* Multiple devices: It must be really easy to read the encrypted mail on
the many devices real users use today. I have eight machines that I
regularly read email on. Making it possible to read mail on a new device
has to be a one or two clicks affair.

* Transparent: Sending mail securely has to take no more effort that
insecure mail. That means that the mail client (or a proxy) has to decide
whether to send mail in cleartext or encrypted. Which in turn means that
there has to be a mechanism for specifying security policy.


S/MIME already supports an enveloping mode that protects the headers and
metadata. It just isn't fully supported by the deployed base. So there has
to be a way for a receiver to tell the sender what they support. Which is
why we can't use the PGP or S/MIME infrastructure just as is, we need to
add a little policy glue.

Take a look at the message that John posted, opening this thread.  That
> some systems use multipart/signed is fine, but it's not what's most common
> for PGP.


One of the biggest problems we have is that rather than tell PGP and S/MIME
to use a common packaging format and compete on the trust model, both
groups were told they could go ahead independently (although Jeff Schiller
told me that PGP was "not allowed to develop a PKI" then he rolled his
eyes).

End-to-end email has stalled in part because of the S/MIME vs PGP standards
war. PGP has ended up with all the mindshare, S/MIME has the deployed base.
When I was at VeriSign I had some long discussions with Jon Callas about
what might we do to fix things and come to a common platform. The division
was particularly silly when PGP had one of the best S/MIME platforms in the
market. That effort was overtaken by events and DKIM. The industry didn't
have bandwidth for two email crypto efforts at once. When I left VeriSign I
lobbied PGP inc to start a CA precisely to see if we could start to heal
the rift. Not that it helped. Symantec now own both companies and that
hasn't helped either.


If people want to move forward on this, something that would be very
helpful is for the naysayers to put all their objections into an Internet
Draft. Then those of us looking to solve the problem can go through and see
what we have solved and what is left to do.

I wrote a set of IDs as design documents before starting work on the code:

http://tools.ietf.org/html/draft-hallambaker-prismproof-req-00
http://tools.ietf.org/html/draft-hallambaker-prismproof-key-00
http://tools.ietf.org/html/draft-hallambaker-prismproof-dep-00
http://tools.ietf.org/html/draft-hallambaker-prismproof-trust-00

I now have code that is incomplete but shows proof of concept:
http://sourceforge.net/projects/prismproof/

There are two phases to the code:

Phase One is a scheme that employs a direct trust model and requires no
trusted third parties or infrastructure beyond the existing email
infrastructure and access to a Web Server to publish the Phingerprint
Blocks. This scheme uses the 'strong email address' which is essentially a
PGP fingerprint prepended to a mail address.

Phase Two allows people who have not met directly to exchange secure mail.
This scheme allows people to use their normal email address without any
visible cryptogunk. It necessarily relies on some form of infrastructure
but does not force a peer-to-peer or hierarchical model.

Right now the proxy can generate and manage keys, accept outbound mail,
encrypt it and forward it to the actual outbound mail server. I hope to get
the code to the point where it can make the decision to encrypt or not and
pull keys from a web server before London.


-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email