Re: How are S/MIME private keys handled across MUAs?
Dave Cridland <dave@cridland.net> Thu, 17 August 2017 07:46 UTC
Return-Path: <dave@cridland.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E744132814 for <ietf@ietfa.amsl.com>; Thu, 17 Aug 2017 00:46:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cridland.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OS2tyaPvRrbx for <ietf@ietfa.amsl.com>; Thu, 17 Aug 2017 00:46:06 -0700 (PDT)
Received: from mail-lf0-x22e.google.com (mail-lf0-x22e.google.com [IPv6:2a00:1450:4010:c07::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FFCC132813 for <ietf@ietf.org>; Thu, 17 Aug 2017 00:46:06 -0700 (PDT)
Received: by mail-lf0-x22e.google.com with SMTP id t128so26264926lff.2 for <ietf@ietf.org>; Thu, 17 Aug 2017 00:46:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cridland.net; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Lvsh7CvfqVNjxMuJGCUxcYxkXvasc8mf/pcGLndHxuE=; b=bq4aq3AakTK6pzWgJD72LGmum3I7f3kPTWrHYN/1zUFoOXbbtBSYeDiJiNiiKWp7Th jEpWYMrYgN6BM8favIhyfIgDHE2OLiAp0IhWC1QJwAqybrFCvVTpMNNv/AHP1GLWb3H3 9UIXCCnLjprwFI7lcefghhuqwF6nAe4UlqZaM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Lvsh7CvfqVNjxMuJGCUxcYxkXvasc8mf/pcGLndHxuE=; b=NNNEVXY2pyuwoNFQSsXUU9ZmqnL2tkMGRqd1k+lLeOol2zx3LbAi9KH5QwdsfCokju EFQJEOg31DWcNvyHA/ONvPD93dwsscnp6ejD+ghP995kQI62dwnjwJThlstGvoltJ6wk JkOZ1FB/Xb/brO4Of3S0mzqvX2rXwLJSFV+V5cZZ+lVRcsuzcHHhT4PX3mcQ8toSOfNL SZ/00UIXHej+Z66a2B/ciGBVwMgDWNsEaouZEluibyaY8R4z6yEot9c7aS3PN1ZkjPGJ S3QzGUXn7HSmvyCBu7/m7DGoZy7X5V86UDBKeaRWm2OW3d4ZUoE3QFRrnkj4kexjzebC t+RA==
X-Gm-Message-State: AHYfb5gP8Wr1qoEVNTpQM7XbIOiy85uRXmGIiMg9K3hY+Z1M++m2n863 OQohqJTfAlcjnBQkUjN5WwDZLATMkH30
X-Received: by 10.46.82.1 with SMTP id g1mr1775465ljb.145.1502955964587; Thu, 17 Aug 2017 00:46:04 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.179.75.130 with HTTP; Thu, 17 Aug 2017 00:46:03 -0700 (PDT)
Received: by 10.179.75.130 with HTTP; Thu, 17 Aug 2017 00:46:03 -0700 (PDT)
In-Reply-To: <CACZ1GiqT6iANkgpDjh-+43pGUY0uEnPdaDnwecBj66S4igTPxA@mail.gmail.com>
References: <CACZ1GiqT6iANkgpDjh-+43pGUY0uEnPdaDnwecBj66S4igTPxA@mail.gmail.com>
From: Dave Cridland <dave@cridland.net>
Date: Thu, 17 Aug 2017 08:46:03 +0100
Message-ID: <CAKHUCzyT_ObRPzgTMFpChtvLE+vzBbkWqt7iMqHGL77C2nYxBQ@mail.gmail.com>
Subject: Re: How are S/MIME private keys handled across MUAs?
To: vaibhav singh <vaibhavsinghacads@gmail.com>
Cc: "ietf@ietf.org Discussion" <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="001a113c30ea61f60c0556ee34a5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/RPTQ6kMy1chqEdwwFhCxAh7OOTw>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Aug 2017 07:46:09 -0000
On 16 Aug 2017 19:50, "vaibhav singh" <vaibhavsinghacads@gmail.com> wrote: Hi, I was looking at RFCs for S/MIME, and had a question: What if I am logged into multiple clients(my mobile, a web application, Thunderbird) with an email account, and I receive an encrypted email? I can see that the encrypted email would be created with my public key, and, assuming one public key for one email account, I will have one private key which I will somehow make use of across all my MUAs. I could not think of a simple way using which I will be able to sync my private key. Is there any good way of sharing private keys across clients (maybe some way of securely syncing files)? How do corporate clients resolve this issue? Is there an RFC which I may have to refer to? Another line of thinking; is it possible to create key pairs (triplets?quadruplets?) wherein there could be multiple private keys generated for a single public key? And, what about the other way round? As Russ says, the traditional way of handling this is to encrypt the private key and send it around each client. Another way would be to use PRE here (see Phillip Hallam-Baker's link sent in the other thread), so that the key other people actually get is a Proxy key, and each client has a proxy-decryptor key of its own - one special client, with a stronger security stance, would be acting as the Proxy Admin. There's little practical advantage in this, except that should one client be compromised, you could revoke just that decryptor key. You do need the re-encryption key to be held somewhere other than the clients, though, since otherwise you can obtain the Proxy's private key through a client compromise. One thing that really doesn't work well here is if you want to use hardware-backed cryptography (HSM, smartcards, etc). Here, you'd ideally use a PRE mechanism again, but one in which the proxy re-encrypted to a specific key (Phillip Hallam-Baker's scheme will not do this). The closest I can get here in practical terms is to keep the decryptor keys encrypted using a HSM-backed private key, which isn't - quite - the same. Of course, without PRE involved, if you want to use an HSM then you can only decrypt your email in the one client you have the HSM at, which makes things logistically frustrating. Dave. -- Regards, Vaibhav Singh
- How are S/MIME private keys handled across MUAs? vaibhav singh
- Re: How are S/MIME private keys handled across MU… Russ Housley
- Re: How are S/MIME private keys handled across MU… Dave Cridland
- Re: How are S/MIME private keys handled across MU… Al Arsenault