IETF Logo Mail Archive

Re: not really pgp signing in van

"John R Levine" <johnl@taugh.com> Tue, 10 September 2013 01:53 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3AB3E21E8063 for <ietf@ietfa.amsl.com>; Mon, 9 Sep 2013 18:53:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qn7FLJGYkrz for <ietf@ietfa.amsl.com>; Mon, 9 Sep 2013 18:53:16 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id EC90B11E80F8 for <ietf@ietf.org>; Mon, 9 Sep 2013 18:53:15 -0700 (PDT)
Received: (qmail 70195 invoked from network); 10 Sep 2013 01:53:14 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=11232.522e7b8a.k1309; bh=8kVETZzZJaKGjvCi80DMIqVm0ulCIGChRa0sojvRZss=; b=MB0viwIC3t79JUEYEgD0FVTYZ96nX4388Inahnk1A5j+jdBUVyEVvNg1Z5a0kpjPsEMYbPxfzf7obdvSMJ75qWixgiMybHvjSqcVrutc/dQRrSiospNlB/wCVltBke2Uj/p9Ow7L7yGCvZy7RsaNgpFZAKpqjXazxnqisSFJR+VCcpG8elmbT3+sJnepFgtbhHoNeTtu/ihB7RN/Xly7r4k3qRASiWU6OwnfaYvVd3geLqS64dm2ymLF6hrSw3uj
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=11232.522e7b8a.k1309; bh=8kVETZzZJaKGjvCi80DMIqVm0ulCIGChRa0sojvRZss=; b=MffjNui5kkNuKEL8LEMq8hWkEQXAAH9mmFFfWcWTSluq5DlFtVkbixX9Ig3uDANaRUUnA+mDq0dhx734DHv9Z6/uqRYP8HjZc3lfZeouoccLpGYWQVyGLt1J3JcCxurnqZjHA0Piq9cQaJA00HrOv1PqsSulsy84kh1xs9ChVScxZS4K2ltYAIKn9zbVSuctYx6o8F2CgkUoRgfRK0WcukWeRgfHwsT/I4CPXdzjW4nZoshid22BPrGSXOoqVsxI
Received: (ofmipd 127.0.0.1); 10 Sep 2013 01:52:52 -0000
Date: Mon, 09 Sep 2013 21:53:14 -0400
Message-ID: <alpine.BSF.2.00.1309092151460.34138@joyce.lan>
From: John R Levine <johnl@taugh.com>
To: Ted Lemon <Ted.Lemon@nominum.com>
Subject: Re: not really pgp signing in van
In-Reply-To: <8D23D4052ABE7A4490E77B1A012B63077527E488@mbx-01.win.nominum.com>
References: <20130910010719.33978.qmail@joyce.lan> <8D23D4052ABE7A4490E77B1A012B63077527E234@mbx-01.win.nominum.com> <alpine.BSF.2.00.1309092125360.34090@joyce.lan> <8D23D4052ABE7A4490E77B1A012B63077527E488@mbx-01.win.nominum.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Cleverness: None detected
MIME-Version: 1.0
Content-Type: MULTIPART/signed; protocol="application/pkcs7-signature"; micalg="sha1"; BOUNDARY="3825401791-963050371-1378777994=:34138"
Cc: "<ietf@ietf.org>" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Sep 2013 01:53:17 -0000

>> Typical S/MIME keys are issued by CAs that verify them by
>> sending you mail with a link.  While it is easy to imagine ways that
>> could be subverted, in practice I've never seen it.
>
> The most obvious way that it can be subverted is that the CA issues you a key pair and gives a copy of the private key to one or more others who would like either to be able to pretend to be you, or to intercept communication that you have encrypted.   I would argue that this is substantially less trustworthy than a PGP key!

Like I said, it's easy to imagine ways it could be subverted.  If you 
believe all CAs are crooks, you presumably don't use SSL or TLS either, 
right?

> Of course you can _do_ S/MIME with a non-shared key, but not for free, 
> and not without privacy implications.  (I'm just assuming that an 
> individual can get an S/MIME Cert on a self-generated public key—I 
> haven't actually found a CA who offers that service.)
>
>> Same issue.  I can send signed mail to a buttload more people with
>> S/MIME than I can with PGP, because I have their keys in my MUA.
>> Hypothetically, one of them might be bogus.  Realistically, they aren't.
>
> Very nearly that same degree of assurance can be obtained with PGP; the difference is that we don't have a ready system for making it happen.
>
> E.g., if my MUA grabs a copy of your key from a URL where you've published it, and validates email from you for a while, it could develop a degree of confidence in your key without requiring an external CA, and without that CA having a copy of your private key.   Or it could just do ssh-style leap-of-faith authentication of the key the first time it sees it; a fake key would be quickly detected unless your attacker controls your home MTA or the attacked identity's home MTA.

That would be great if MUAs did that, but they don't.

As I think I've said three times now, the actual support for S/MIME in 
MUAs is a lot better than the support for PGP.  It helps that you can 
extract a correspondent's key from every S/MIME message, rather than 
having to go to a keyserver of some (likely untrustworthy) sort to get the 
PGP keys.

If we think that PGP is so great, how about writing native PGP support for 
Thunderbird and Evolution, and contribute them to the open source 
codebase?

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly

v2.23.0 | Report a Bug | By Email