IETF Logo Mail Archive

Re: On email and web security

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 13 January 2016 15:03 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D05321B2E93 for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 07:03:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EAdQNv5dnc9j for <ietf@ietfa.amsl.com>; Wed, 13 Jan 2016 07:03:13 -0800 (PST)
Received: from mail-lf0-x22a.google.com (mail-lf0-x22a.google.com [IPv6:2a00:1450:4010:c07::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46A1E1B2E91 for <ietf@ietf.org>; Wed, 13 Jan 2016 07:03:13 -0800 (PST)
Received: by mail-lf0-x22a.google.com with SMTP id c192so257170894lfe.2 for <ietf@ietf.org>; Wed, 13 Jan 2016 07:03:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=gSdILGSzoG3OnKMPM1+MC6de79Xn9vxoFi1Y5rgm5jc=; b=t0fn8Li9iOJeaUhG03EWwMU7c8AApI10TbgE9Mio/J/KkXv/U2OnV6dDXiQkVGq8I9 sDvt3HUnXjuZOoy+8sqCfDpzR4zn60cowhKnCAJ1ZmHBdYJIInLJVwnpVOSL9BMFlIXw Y7r/44ufd2z4t1ohas++Kg0ModG2oAJpFKjjf7UG9A8I8k50+JLn/StMkpY/R8lppoIb LM19taQoOKu4yK4sOIqiC8vfP6JLtL+BPUs01N1vyRUC7lBp8yul4af7/WawTnkLfKZQ VXxmO9hxsuW6g37sN1N5N0wBFbwA4H5IAzBJvm8VWl6xxjim+sa5qkH1p6xMyjxI9O2H ndLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=gSdILGSzoG3OnKMPM1+MC6de79Xn9vxoFi1Y5rgm5jc=; b=Cwf3yOxEN5hU2TZHZ8qBYnMTiZWgRSC9qMlJOjMLNA7KpzWBg1Ejnr1oHrG7+R2FH/ osBUkqYQ9b6NO46tC1BkK1yMaAjkuEmLNaVucvf/HF26LYwZnJO0Dk8hLLLuiM9Xj7mV d+BrHkXplz7MfjsOy1j7zDfw1HjZuOfsstAVIR3j2RoZ2px8JOwKamES8ZYQuX6r8YW4 iGz1+soyxlO+4aFb5L69Ji//au530vEiQmDR/MHGTPETPMkgwrc9rEReNR50CrWuAx7B YkGHyBvC1p6aN1VnaDUg2Pg+RPCZs/rlcApfFFLTkSluElQh+Kj3kc/VX5t8djsjfNPZ up6w==
X-Gm-Message-State: ALoCoQkhFMcvBQijewnUa23Up0rjSI5Ih3/EuDkif4sS0IwdTKEPfrmWN83r6o6g+JLfgDRKKjqXg85ugHMZLc5hF6WHn1z0rQ==
MIME-Version: 1.0
X-Received: by 10.25.30.5 with SMTP id e5mr40365113lfe.48.1452697391358; Wed, 13 Jan 2016 07:03:11 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.1.33 with HTTP; Wed, 13 Jan 2016 07:03:11 -0800 (PST)
In-Reply-To: <5695EFC1.7070708@dougbarton.us>
References: <304F200F-CF0B-4C23-91F9-BFC06C41BDA8@cisco.com> <5686E386.70008@gmail.com> <CAMm+LwhExTXC6xWDbR0Q5owi45UfBAgR+Z96p4BJWi-_5Q5tXA@mail.gmail.com> <DB4PR06MB4571A77D35C4B525CE73398ADF00@DB4PR06MB457.eurprd06.prod.outlook.com> <CAMm+Lwh_6EP4d4tW8CgKZm36De7rO3VCbrBwa+1PGp9M2F4KLQ@mail.gmail.com> <5695A941.1010501@dougbarton.us> <CAMm+LwiJi+ecYU9edkTJ30rTWtRcarUD2BBYfyvRedRvVzcV5Q@mail.gmail.com> <5695EFC1.7070708@dougbarton.us>
Date: Wed, 13 Jan 2016 10:03:11 -0500
X-Google-Sender-Auth: NKC01dDIAQwqhqXNU8BMCU4o3ao
Message-ID: <CAMm+Lwh6rh5GR9JkecYB90YwhuyyNAyvefZDMDqfzHP6RJbsjg@mail.gmail.com>
Subject: Re: On email and web security
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Doug Barton <dougb@dougbarton.us>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/kxxuXyR8vCxB2lFIgwR7LrMurCg>
Cc: IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jan 2016 15:03:18 -0000

On Wed, Jan 13, 2016 at 1:33 AM, Doug Barton <dougb@dougbarton.us> wrote:
> On 01/12/2016 06:27 PM, Phillip Hallam-Baker wrote:

> Well, yeah. :)  Did I miss a proposal for new tech?

Yep, we all did. Twenty years ago.


>> The other
>> is that you have to find someone you trust to run the mailing list or
>> the jabber contact service or whatever.
>
>
> Well that's a given no matter what solution you choose. If you're relying on
> someone else to do encryption on your behalf, you have to trust them. But
> that's a marginal increase in trust compared to running a non-encrypted list
> in the first place.

That is precisely the point. With proxy re-encryption 'recryption' you
do not need to trust the mailing list server. Only the list admin
needs to be trusted with the master decryption key.

The reason for bringing this up right now is that it is a technique we
should start to look at using as soon as implementations of the CFRG
algorithms start becoming available.

v2.23.0 | Report a Bug | By Email