IETF Logo Mail Archive

Re: email standards (was: Re: facilitators at ietf@ietf.org)

Scott Kitterman <scott@kitterman.com> Tue, 23 September 2014 21:17 UTC

Return-Path: <scott@kitterman.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1BEF1A1BE5 for <ietf@ietfa.amsl.com>; Tue, 23 Sep 2014 14:17:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K-Vws4rvmCYS for <ietf@ietfa.amsl.com>; Tue, 23 Sep 2014 14:17:54 -0700 (PDT)
Received: from mailout03.controlledmail.com (mailout03.controlledmail.com [208.43.65.50]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D00C41A1BDA for <ietf@ietf.org>; Tue, 23 Sep 2014 14:17:53 -0700 (PDT)
Received: from mailout03.controlledmail.com (localhost [127.0.0.1]) by mailout03.controlledmail.com (Postfix) with ESMTP id C3D1ED04642; Tue, 23 Sep 2014 17:17:51 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=kitterman.com; s=2014-01; t=1411507071; bh=aGofigX00kbvPWinbbSgzxm88gP/XnAdzkoyCk4wXgk=; h=From:To:Subject:Date:In-Reply-To:References:From; b=HdZw0ZFpc+XM5GbUpk67VpEum71ApnMAhdv+Zn2v+j9oNmQwfJaOUfTepAAL5MyEq dASmhaoO9PXcGxTNoMKmUBFfy9VYyM3rg7xgEcTcC1awy+by6pw0b4elKLSQPIIsk+ unbTeGth8u2RZ78ATSnIptpYb9caAHyj03e+xwxg=
Received: from scott-latitude-e6320.localnet (static-72-81-252-21.bltmmd.fios.verizon.net [72.81.252.21]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mailout03.controlledmail.com (Postfix) with ESMTPSA id 87EA4D04592; Tue, 23 Sep 2014 17:17:51 -0400 (EDT)
From: Scott Kitterman <scott@kitterman.com>
To: IETF <ietf@ietf.org>
Subject: Re: email standards (was: Re: facilitators at ietf@ietf.org)
Date: Tue, 23 Sep 2014 17:17:49 -0400
Message-ID: <1454468.3R9eHDD3Io@scott-latitude-e6320>
User-Agent: KMail/4.13.3 (Linux/3.13.0-35-generic; KDE/4.13.3; x86_64; ; )
In-Reply-To: <A94EB0C46B51C2E2AD3A3BAA@JcK-HP8200.jck.com>
References: <E6D4B18F-9533-4EE1-A794-526094893D3C@ietf.org> <CAMm+LwjxOiFsWcCZoGcaqaF3fv6XBOK8LhQdzWJsigYvQQ4-kg@mail.gmail.com> <A94EB0C46B51C2E2AD3A3BAA@JcK-HP8200.jck.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"
X-AV-Checked: ClamAV using ClamSMTP
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/fOlHivsPKbkfFW9iuugUwEHtgVA
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Sep 2014 21:17:55 -0000

On Tuesday, September 23, 2014 16:48:29 John C Klensin wrote:
> --On Tuesday, September 23, 2014 16:08 -0400 Phillip
> 
> Hallam-Baker <phill@hallambaker.com> wrote:
> >> Surely PHB isn't saying that SMTP and the email format docs
> >> are incompatible?  That would be a nonsensical assertion,
> >> since they are separate layers (the one is used to transport
> >> the other).  Perhaps there are two different email standards
> >> that perform the same functions but are incompatible?
> >> Perhaps S/MIME and PGP?  Or perhaps two different security
> >> related email specs?
> > 
> > I meant two secure email standards. Empirically we have two
> > right now, S/MIME and PGP.
> > 
> > Since I was talking about security, I thought it was obvious
> > from the context.
> 
> Nothing about your note made that clear -- it didn't mention
> security generally and you said "email standards".  Be that as
> it may, I think you are overlooking a key aspect of the PGP
> versus S/MIME problem.   Suppose we actually did have two sets
> of email standards, one using SMTP transport with 822-style
> "field-name: value-string" headers (as we have today) and other
> other of which used SMTP (to avoid making this completely
> unrealistic) with ASN.1-like coded X.400-like inner envelope
> header structure.  There would certainly be a reasonable
> complaint that we had specified two different ways to do the
> same thing with only subtle differences in capabilities between
> them.
> 
> But it seems to me that S/MIME and PGP represent two
> fundamentally different trust models.  The first is based on a
> certificate hierarchy model, one that would have very good
> international scaling properties had we actually figured out how
> to make a global single-purpose PKI work and be trusted.  Worse,
> absent that type of PKI, it was very hard to think about how to
> bootstrap the system, at least without pushing decisions about
> which certification authorities to trust back to end users who
> had absolutely no basis on which to make those choices.  The
> second is based on a web of trust arrangement that most of us
> knew at the time wouldn't scale well internationally nor be
> usable among parties who didn't have at least a second, or
> possibly third, "degree" of connection but that was far easier
> to bootstrap than something that assumed a global PKI.
> 
> Now it is certainly possible to imagine a message format that
> would have more commonalities than we ended up with.  We
> actually had standards-track specifications for such a format,
> in the form of RFC 1421ff and the earlier RFC1113ff.   I think
> it is reasonable to summarize PEM by saying it went nowhere
> except that we might have learned a bit from it in building
> S/MIME and/or OpenPGP.
> 
> So, we are now at a point at which neither OpenPGP nor S/MIME
> has achieved wide adoption and use.  We have learned such things
> we (at least some of us) didn't anticipate.  In S/MIME's case,
> that notably includes issues of trust in CAs and the
> effectively-dictatorial (or oligarchic) authority of browser
> vendors to determine CA usability.  In OpenPGP's case, we have
> demonstrated some of the scaling and key management issues that
> some people anticipated all along.
> 
> You seem to believe that more commonality of formats would have
> left us in better shape today.  Because I think the problem is
> the irreconcilable difference in trust model and relationships,
> I believe it would have made almost no difference at all (even
> if it were a good idea).  You could be right but, if you want to
> make that case, please try to do so in a way that the rest of us
> can understand rather than, e.g., making broad assertions about
> causes and implications of the IETF's failure to generate a
> single standard for secure/encrypted email or email more
> generally.

+1.

I use both OpenPGP and S/MIME on a regular basis and in no case where I use 
one would the other be suitable primarily because of the differences in trust 
models you describe.  While they both sign/encrypt email their use cases are 
disjoint in my experience.

Scott K

v2.23.0 | Report a Bug | By Email