Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)

Viktor Dukhovni <ietf-dane@dukhovni.org> Tue, 03 May 2022 04:46 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/j9KNaPnzZi3VMfCWmg3m-DOre1c>

> On 3 May 2022, at 12:24 am, Keith Moore <moore@network-heretics.com> wrote:
> 
> I'm not convinced that that's the (only or even most important) reason, or that it's even true.  From my perspective there have been several barriers to adopting S/MIME and/or PGPMIME, e.g. lack of MUA support, lack of email domain CAs and support for them among root CAs, lack of a well known and trusted set of root CAs such as exist for the web (it's not clear that they should be the same set), lack of a standard key discovery mechanism, and (mostly I suspect) lack of mindshare.
> 
> When there are multiple barriers to solving a problem, any one of those problems can become an excuse to avoid solving the other problems.

Key distribution and discovery isn't the fatal problem; the fatal problem
is that encrypted email is unusable once received and stored.

Until encrypted email is usable (**search**, long-term signature validation,
personal private key rollover, ...), all the key distribution tech in the
world won't make it worth adopting.

PHB's mathematical mesh might come closer to addressing the key distribution
problem, but then we'll still have all the hard MUA issues.  Someone will have
to want to build MUAs that really solve the usability issues.  I don't see that
happening in a space dominated by cloud web mail providers, not sure it lines up
with their business models...

-- 
	Viktor.