Re: What real users think [was: Re: pgp signing in van]

Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 09 September 2013 20:48 UTC

Message-ID: <522E3425.8070009@gmail.com>
Date: Tue, 10 Sep 2013 08:48:37 +1200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Steve Crocker <steve@shinkuro.com>
Subject: Re: What real users think [was: Re: pgp signing in van]
Cc: dcrocker@bbiw.net, IETF discussion list <ietf@ietf.org>

On 10/09/2013 08:39, Steve Crocker wrote:
> Yes, I am speaking of what would be possible today with a fresh start.  The fresh start would also include signatures and encryption as a required part of the design.  (If everyone has to have a key, the key management problems would be greatly reduced.)

Indeed. How one achieves such a fresh start is unclear.

(Excuse my ignorance, but do existing MUAs allow one to edit a body part
that arrived with a PGP signature?)

    Brian

> Steve
> 
> On Sep 9, 2013, at 4:36 PM, Dave Crocker <dhc@dcrocker.net> wrote:
> 
>> On 9/9/2013 1:27 PM, Steve Crocker wrote:
>>> Actually, I interpret the chemistry professor's comment in a
>>> different light.  It would be possible to design a system where:
>>>
>>> o the standard end user software doesn't facilitate editing the other
>>> person's text, and
>>>
>>> o each piece of text is signed.
>>>
>>> The result would be a system where a recipient would know whether the
>>> person who is alleged to have written a piece of the message actually
>>> did so, and the normal mode of use would be to leave things
>>> untouched.  Or, if you edit someone else's text, it immediately
>>> becomes your text.
>>
>> The professor's comment was on function, not method. My comment was on
>> the limitations to methods available at the time.
>>
>> In a controlled environment, with good resources, quite a bit is
>> possible. Indeed, server-based "department-level" email products in the
>> 1980s did enforce such restrictions. The single-administration servers
>> had complete control over the message.
>>
>> Distribution with independent administrative authorities makes this a
>> very different game. Enforcement by fiat is impossible.
>>
>> That's where signing comes in, of course. Modify the content and the
>> signature fails. Besides the computational overhead -- which was
>> relatively onerous back when the infrastructure was being established --
>> this requires that the receiver know and demand that the signature be
>> present; this requirement has its own adoption barriers.
>>
>> Starting with a blank sheet and today's technologies, the requirement is
>> possibly feasible to satisfy -- if we ignore the continuing human
>> factors barriers to large scale email authentication. However given the
>> resources at the time the operational service was developed, I think it
>> wasn't.
>>
>>
>> d/
>> -- 
>> Dave Crocker
>> Brandenburg InternetWorking
>> bbiw.net
> 
>