How are S/MIME private keys handled across MUAs?

vaibhav singh <vaibhavsinghacads@gmail.com> Wed, 16 August 2017 18:50 UTC

From: vaibhav singh <vaibhavsinghacads@gmail.com>
Date: Thu, 17 Aug 2017 00:20:35 +0530
Message-ID: <CACZ1GiqT6iANkgpDjh-+43pGUY0uEnPdaDnwecBj66S4igTPxA@mail.gmail.com>
Subject: How are S/MIME private keys handled across MUAs?
To: "ietf@ietf.org Discussion" <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/iFKEja5aN0ANa6EIUzob2lwRhW0>

Hi,
I was looking at RFCs for S/MIME, and had a question: What if I am logged
into multiple clients (my mobile, a web application, Thunderbird) with an
email account, and I receive an encrypted email?

I can see that the encrypted email would be created with my public key,
and, assuming one public key for one email account, I will have one private
key which I will somehow make use of across all my MUAs. I could not think
of a simple way by which I will be able to sync my private key.

Is there any good way of sharing private keys across clients (maybe some
way of securely syncing files)? How do corporate clients resolve this
issue? Is there an RFC which I may have to refer to?

Another line of thinking: is it possible to create key pairs
(triplets? quadruplets?) wherein there could be multiple private keys
generated for a single public key? And, what about the other way round?

-- 

Regards,
Vaibhav Singh