Re: On email and web security

Matthew Kerwin <matthew@kerwin.net.au> Wed, 13 January 2016 21:34 UTC

Return-Path: <phluid61@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D624E1A0218 for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 13:34:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.027
X-Spam-Level:
X-Spam-Status: No, score=-1.027 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gpgHu9eec7z3 for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 13:33:59 -0800 (PST)
Received: from mail-qk0-x235.google.com (mail-qk0-x235.google.com [IPv6:2607:f8b0:400d:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79A4D1A0222 for <ietf@ietf.org>; Wed, 13 Jan 2016 13:33:59 -0800 (PST)
Received: by mail-qk0-x235.google.com with SMTP id q19so218308642qke.3 for <ietf@ietf.org>; Wed, 13 Jan 2016 13:33:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=46QR1ZfOzS9rB3Zg+Rm3+VGG3FW2HWWOVs5H02zOlKk=; b=Y2E/gF5qfHu+oL/DI/lIjt4vdBkj5wyNgqa4vsVbc42DNKVwh/EHNV3rinVp2/wtyV 0oIKGHk53fn1Vrr5l5lPYu/wETOr4tIc78+/EDHlMry/pNdXxzcdRJg3NClONyHO5V3Y /o3FlmnqAtLFRYY0m6dtnpxAog8IkzMiUur7jciCrbXdASMvWwLwimXSjAnecoaUnTu2 X4zHzfst0Uz4FUuAFv/0WNhdiGh/bZche01LDyEnfjnFHHxnxqIY5cNIg+cxNylszMqc dNlBSGO5/AxFNUVFsA3rGXK3rDN5uUCiBkQMQDe3YSxeWlLJoYj4hCv6pBcxsy/BuolF /w9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=46QR1ZfOzS9rB3Zg+Rm3+VGG3FW2HWWOVs5H02zOlKk=; b=dUrPp5vvkAffQgV2IzRoNFrn4gXDAtqUenuGIKqbqJ1WN4TD2fPtg1GcPpDA3Mk+hj LUSZq8yGIB5r9SiXZeG6k+oApmWTq0uzR8TJ4s5ScT7v/Dr+DdhFAhDYcu/wZnebAY6V 3W2auLV5BaAYymagWUSNfK60dOv4gVYDjvvUbq1RDoSVVfMBDLXciFWITn2eEnRbwsrJ MSMEs1SngFlK9g599ctOf+FQEzc6HFSBOBMbPnBRJE+KABu/KrXL02af+V9b+CnbsVCK AKIEPJZ3v+EQEOFtU7WChPIER2eB1DBaeUq2V3X5Zr3cAqVgeLv0L56+Bw6XZXNX2gWa pRjQ==
X-Gm-Message-State: ALoCoQl1qUM8C5LGkwpC/EKGXInh4g4b3vBfv+GKAtJBks7ETlfP6lUpxu8RrDiK02tHNcxRkhKMthYhdzv7yNVk57/b6tR22Q==
MIME-Version: 1.0
X-Received: by 10.55.79.5 with SMTP id d5mr629488qkb.30.1452720838772; Wed, 13 Jan 2016 13:33:58 -0800 (PST)
Sender: phluid61@gmail.com
Received: by 10.55.155.2 with HTTP; Wed, 13 Jan 2016 13:33:58 -0800 (PST)
Received: by 10.55.155.2 with HTTP; Wed, 13 Jan 2016 13:33:58 -0800 (PST)
In-Reply-To: <5696C06E.6030108@gmail.com>
References: <304F200F-CF0B-4C23-91F9-BFC06C41BDA8@cisco.com> <5686E386.70008@gmail.com> <CAMm+LwhExTXC6xWDbR0Q5owi45UfBAgR+Z96p4BJWi-_5Q5tXA@mail.gmail.com> <DB4PR06MB4571A77D35C4B525CE73398ADF00@DB4PR06MB457.eurprd06.prod.outlook.com> <CAMm+Lwh_6EP4d4tW8CgKZm36De7rO3VCbrBwa+1PGp9M2F4KLQ@mail.gmail.com> <5695A941.1010501@dougbarton.us> <CAMm+LwiJi+ecYU9edkTJ30rTWtRcarUD2BBYfyvRedRvVzcV5Q@mail.gmail.com> <5695EFC1.7070708@dougbarton.us> <CAMm+Lwh6rh5GR9JkecYB90YwhuyyNAyvefZDMDqfzHP6RJbsjg@mail.gmail.com> <5696C06E.6030108@gmail.com>
Date: Thu, 14 Jan 2016 07:33:58 +1000
X-Google-Sender-Auth: 4biAGUlxnVz4NsdHJpF1FcLzkgg
Message-ID: <CACweHNALUBPLEUAsXMrze20Z4AAaov8=zbo80A58sLDGupvwnQ@mail.gmail.com>
Subject: Re: On email and web security
From: Matthew Kerwin <matthew@kerwin.net.au>
To: Doug Royer <douglasroyer@gmail.com>
Content-Type: multipart/alternative; boundary="001a114a96b28d8e1705293ded60"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/WDV9af6Dgem9Fx-m9J1G4zdeJ2I>
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jan 2016 21:34:01 -0000

On 14/01/2016 7:25 AM, "Doug Royer" <douglasroyer@gmail.com> wrote:
>
> On 01/13/2016 08:03 AM, Phillip Hallam-Baker wrote:
> >>...
> >> On 01/12/2016 06:27 PM, Phillip Hallam-Baker wrote:
> >
> > That is precisely the point. With proxy re-encryption 'recryption' you
> > do not need to trust the mailing list server. Only the list admin
> > needs to be trusted with the master decryption key.
>
> And you would have to trust the mailing list software verified that the
> incoming email was encrypted, and by a trusted source, and only accepted
> encrypted email.
>
> If the list server accepted unencrypted email, encrypted it with the
> lists key, would anyone be able to tell?
>

If it comes in plaintext, nothing stops the server (algorithmically or
morally) from adding a header or some body text that says "I encrypted
this, but before that it was clear"

At least then the recipients would know the message they received is the
one the list server distributed, even if not the original author.