Re: On email and web security
Doug Royer <douglasroyer@gmail.com> Wed, 13 January 2016 22:34 UTC
Return-Path: <douglasroyer@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2106B1A878C for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 14:34:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.979
X-Spam-Level:
X-Spam-Status: No, score=-0.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MISSING_HEADERS=1.021, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3yxZlsBx97Fc for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 14:34:26 -0800 (PST)
Received: from mail-pf0-x234.google.com (mail-pf0-x234.google.com [IPv6:2607:f8b0:400e:c00::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE1BA1A877C for <ietf@ietf.org>; Wed, 13 Jan 2016 14:34:26 -0800 (PST)
Received: by mail-pf0-x234.google.com with SMTP id 65so88205951pff.2 for <ietf@ietf.org>; Wed, 13 Jan 2016 14:34:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:references:cc:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-type; bh=BZ/aCn4pWw++OiEbVsTwdUsRLV/JYJ2Xu1ymFDgHzkE=; b=IB3dexVW9JwgQQkBlfuyb1aUa9gxo0GqDCdbxW7JgxM50h3WDh/qD15ZvHpmWJh0mh KA7gY52d858AOshelfQhmBqTb2BQv44O/uqV6F/CHsCx1IyI7FOJ+MQWLCSnGTJO8GJ9 RxvgLpyogADKw76kzr8CCymXya5HXMTYSo/qdTfHyEZhRxBrrgcB7qy5RuIzb97Ad5iF cc+HX3WI/1rTG1HiUspgcAupiJ23gPbmBILgseuj08G7vrdzWh5Nw9dyDsX6tQbBdbr8 tdVT3O3BQwVcstJVLdkd34Z5mk0YZif+r53Zrz2TM0iz+Y4sFiQOl2tJne44DEl+Cg+Q HJhg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:references:cc:from:organization :message-id:date:user-agent:mime-version:in-reply-to:content-type; bh=BZ/aCn4pWw++OiEbVsTwdUsRLV/JYJ2Xu1ymFDgHzkE=; b=j5sbO35bT2QpRiP/AzohyQpgQuk68VJstKAp1oA1UoHYaL3eKzMMU5/ZOLUyftFenA 5J/29tdZ9CK1XSI0c2iOhKt4aXv9ZkiuJUPd33zLlirAB2W5nMqcVjVrx+X6/GhGevuG cXAK4dKtHxYlLiIChcEPqX8H4mLAc+4znn1j5Zc33cfsphl4LWOZi785978KhA0FeocW LCFPfCwbIDzAjXL4ym7bBML/hf7red5pI6Bq73bEzaYrzkyfXfO7HBqHfyXFX0zbsYmm Z5fuHWZ3M2+Lbdr0JvpgoxMUZM2mVviJM0kXh2OgVDB/6+kP5h4is4s8xwr2iW8dWleF hSuw==
X-Gm-Message-State: ALoCoQmoLwUfSlAWD/E2e9aYQ6cVmMNYfOJtguI40LNJGTOTgUPiSa92TarBQ08DtKkQdpPoV572+bUSSKNKvwZKONC+WdsJcA==
X-Received: by 10.98.8.28 with SMTP id c28mr987165pfd.56.1452724466476; Wed, 13 Jan 2016 14:34:26 -0800 (PST)
Received: from [192.168.1.4] ([65.129.3.97]) by smtp.googlemail.com with ESMTPSA id u69sm4805982pfa.61.2016.01.13.14.34.25 for <ietf@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Wed, 13 Jan 2016 14:34:25 -0800 (PST)
Subject: Re: On email and web security
References: <304F200F-CF0B-4C23-91F9-BFC06C41BDA8@cisco.com> <5686E386.70008@gmail.com> <CAMm+LwhExTXC6xWDbR0Q5owi45UfBAgR+Z96p4BJWi-_5Q5tXA@mail.gmail.com> <DB4PR06MB4571A77D35C4B525CE73398ADF00@DB4PR06MB457.eurprd06.prod.outlook.com> <CAMm+Lwh_6EP4d4tW8CgKZm36De7rO3VCbrBwa+1PGp9M2F4KLQ@mail.gmail.com> <5695A941.1010501@dougbarton.us> <CAMm+LwiJi+ecYU9edkTJ30rTWtRcarUD2BBYfyvRedRvVzcV5Q@mail.gmail.com> <5695EFC1.7070708@dougbarton.us> <CAMm+Lwh6rh5GR9JkecYB90YwhuyyNAyvefZDMDqfzHP6RJbsjg@mail.gmail.com> <5696C06E.6030108@gmail.com> <CACweHNALUBPLEUAsXMrze20Z4AAaov8=zbo80A58sLDGupvwnQ@mail.gmail.com>
Cc: ietf@ietf.org
From: Doug Royer <douglasroyer@gmail.com>
Organization: http://SoftwareAndServices.NET
Message-ID: <5696D0F6.9010707@gmail.com>
Date: Wed, 13 Jan 2016 15:34:30 -0700
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <CACweHNALUBPLEUAsXMrze20Z4AAaov8=zbo80A58sLDGupvwnQ@mail.gmail.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms000705030908030803060205"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/Xkp3WYGCFuMlDmHhNO1jFa9ogI0>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jan 2016 22:34:28 -0000
On 01/13/2016 02:33 PM, Matthew Kerwin wrote: > > On 14/01/2016 7:25 AM, "Doug Royer" <douglasroyer@gmail.com > <mailto:douglasroyer@gmail.com>> wrote: >> >> On 01/13/2016 08:03 AM, Phillip Hallam-Baker wrote: >> >>... >> >> On 01/12/2016 06:27 PM, Phillip Hallam-Baker wrote: >> > >> > That is precisely the point. With proxy re-encryption 'recryption' you >> > do not need to trust the mailing list server. Only the list admin >> > needs to be trusted with the master decryption key. >> >> And you would have to trust the mailing list software verified that the >> incoming email was encrypted, and by a trusted source, and only accepted >> encrypted email. >> >> If the list server accepted unencrypted email, encrypted it with the >> lists key, would anyone be able to tell? >> > > If it comes in plaintext, nothing stops the server (algorithmically or > morally) from adding a header or some body text that says "I encrypted > this, but before that it was clear" > > At least then the recipients would know the message they received is the > one the list server distributed, even if not the original author. A person that replied to the list message, and had expected the conversation to be secure, might want to know that part of the conversation was not secure. So, I would think that an added header would be a MUST. In ether case your trusting the list server implementation, configuration, and site admins and not just the list admin with the list key as commented above. It would also be a hole where a subpoena could allow anyone to see the communications. After decryption, and before re-encryption. For those that really want a secure list. In addition, users of the list would have to trust that the implementation, configuration, or site admins would forward only encrypted emails to other list members, else its only secure at the endpoints that happen to use encryption. How could you tell that the encrypted email sent to a list server did in fact encrypt the email when it forwarded the email to all recipients? So, I can't see how anyone that wanted a secure communication could trust re-encrypted list forwarding. (or at least how I understand this idea as described in this thread). -- Doug Royer - (http://K7DMR.us / http://DougRoyer.US) DouglasRoyer@gmail.com 714-989-6135
- On email and web security Fred Baker (fred)
- Re: On email and web security Paul Wouters
- Re: On email and web security Kathleen Moriarty
- Re: On email and web security Fernando Gont
- Re: On email and web security IETF Chair
- Re: On email and web security John Levine
- Re: On email and web security Michael Richardson
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Royer
- Re: On email and web security Doug Royer
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security l.wood
- Re: On email and web security Steve Crocker
- Re: On email and web security John Levine
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Dave Cridland
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Doug Royer
- Re: On email and web security Matthew Kerwin
- Re: On email and web security Doug Royer
- Re: On email and web security John Levine
- Re: On email and web security Doug Barton
- Re: On email and web security John Levine
- Re: On email and web security Doug Barton
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security George Michaelson