IETF Logo Mail Archive

Re: mail crypto, was the introduction problem, was Email

John Levine <johnl@taugh.com> Wed, 04 May 2022 02:45 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46664C15E6C6 for <ietf@ietfa.amsl.com>; Tue, 3 May 2022 19:45:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.851
X-Spam-Level:
X-Spam-Status: No, score=-1.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=Rxgwz9I7; dkim=pass (2048-bit key) header.d=taugh.com header.b=AymBX9EE
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7zRHyy7qDUrR for <ietf@ietfa.amsl.com>; Tue, 3 May 2022 19:45:42 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5D0F2C15E41D for <ietf@ietf.org>; Tue, 3 May 2022 19:45:42 -0700 (PDT)
Received: (qmail 37402 invoked from network); 4 May 2022 02:45:40 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=9218.6271e8d4.k2205; bh=i12dKYBfrhsTF61uVqafKrjeef5M99LYofWVcsI7f3w=; b=Rxgwz9I7tZAA2mQ4KNaF2ymIa4Qu1GbhkXj1cEjloiS/z+S5eXvlCOJslQO3htb3GBm7N1ErD0IeUkj5QSDjRMF91MeuqkSfDU7MEISY6hkxKTazxkADSfeNo26pErK0JYO18P2kPJMyJW2cO4f/c0CKUXc6dQl8fP7d6yMbl5wPPlwMOQgs8ol7ATD/OTXUWQRNUKXEhqcKURfCUg3wPtC7CKho7h2FT7oVizEoWFrto8pQ9vUpnN9Z3BIvwtYohrvEsuxID/ZZyTuN1eG7JhkxDkIGJEzC1ocZCJxpeSXGJ2eRrPtAKM381p930hcb7RIKPkgXAa0HNusryeoF7Q==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=9218.6271e8d4.k2205; bh=i12dKYBfrhsTF61uVqafKrjeef5M99LYofWVcsI7f3w=; b=AymBX9EE0O+Hk4+sfff0yBfF+L8QXB057WTqE8Jf3DM3TA1Bpgif9fbUvMuJ39JBrs+jo7ZzBPbLDiuutJnIt3zJxiYVOav5fOvqMiq5LZM2NjQ238+sGpYbnfVNRhxirVRS5oQJhaLBuQSQ1G8qFoJk9CDA+Ce81u4/kkHnK+SeKQ5r/MU12w5X5ES3LyuGwKQppQ1QI55dqNuzDCrMPMOP224P1wnqwU8sIYTy3HJdn/m5Jya2CWKxvYxuIyqnPISfp/d4u82f+dUu9gk/sfsDoJ8rZeR7HZp6kUDLdhVfKJmsbxW6V24Lp+FC5BcWJ6kIAb5ZxPGD8MPWFQWmKQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 04 May 2022 02:45:39 -0000
Received: by ary.qy (Postfix, from userid 501) id 852F23F56A58; Tue, 3 May 2022 22:45:38 -0400 (EDT)
Date: Tue, 03 May 2022 22:45:38 -0400
Message-Id: <20220504024539.852F23F56A58@ary.qy>
From: John Levine <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: mail crypto, was the introduction problem, was Email
In-Reply-To: <93d9d549a93ce396@orthanc.ca>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WJXwZd6JqhZi3gI5P85C7kTIf-Q>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 May 2022 02:45:47 -0000

It appears that Lyndon Nerenberg (VE7TFX/VE6BBM) <lyndon@orthanc.ca> said:
>For an IMAP store things get a bit tricker.  It would need a protocol
>exstention that allowed for on-the-fly decryption.

IMAP does header and content searches, and invariably indexes the
message store and update the indices as messages arrive so the
searches are reasonably fast. A lot of them use SIEVE or something
like it to do mail sorting as the mail arrives. Other than storing all
your keys in your IMAP server, how do you plan to do that? It is my
impression that the vast majority of mail users leave their mail on
the server and see the same folders from multiple devices, so this is
not an edge case, it's the most common case.

These are not trivial problems.  The people who write mail servers are not
completely inept, and if there were easy solutions to key management problems,
we would have solved them.

R's,
John

v2.23.0 | Report a Bug | By Email