Re: On email and web security
Fernando Gont <fgont@si6networks.com> Wed, 30 December 2015 21:57 UTC
Return-Path: <fgont@si6networks.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A8EA1AD49B; Wed, 30 Dec 2015 13:57:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.799
X-Spam-Level:
X-Spam-Status: No, score=0.799 tagged_above=-999 required=5 tests=[BAYES_50=0.8, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Y0B-7k03yIpO; Wed, 30 Dec 2015 13:56:59 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9F5571AD378; Wed, 30 Dec 2015 13:56:59 -0800 (PST)
Received: from [192.168.3.107] (unknown [181.165.125.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 05955206889; Wed, 30 Dec 2015 16:56:52 -0500 (EST)
Subject: Re: On email and web security
To: "Fred Baker (fred)" <fred@cisco.com>, Chair Ietf <chair@ietf.org>
References: <304F200F-CF0B-4C23-91F9-BFC06C41BDA8@cisco.com>
From: Fernando Gont <fgont@si6networks.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <568452AB.5010100@si6networks.com>
Date: Wed, 30 Dec 2015 18:54:51 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <304F200F-CF0B-4C23-91F9-BFC06C41BDA8@cisco.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/omBFGuy2oazAgn-eftrOMUeclSY>
Cc: "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Dec 2015 21:57:02 -0000
On 12/30/2015 05:17 PM, Fred Baker (fred) wrote: > > Your focus on actual deployment is what triggered this note. When the > IETF stated, 2013, that we should seriously consider encrypting > everything, I took an active step to do so. I extracted every email > address I could find from IETF I-Ds and the RFC series, looked them > up in the PGP Key repositories, and added them to mine. I was already > signing email; I then reconfigured my mail client to, any time I sent > an email to someone whose key I knew, encrypt that email. * Even for folks that get to use PGP, they don't take their chances to deliver their public key securely. At the end of the day, strictly speaking, this can be deemed as "placebo security". Printing the signature in business cards helps a lot (and also introduces the problem of business-card "management" :-) ). My other take has been to put the signature in every mail I send (including those to mailing-lists). This is not really "secure", but give you datapoints over time that you really got the key you wanted. * Mobile mail clients are a real hassle for PGP. And in those cases they are not (anyone?), given the current state of mobile phone security, you'd really think twice before putting your private key in your phone. -- this doesn't impact signed email, but does impact encrypted email (e.g., 've had to "get back home" to read encrypted email I had received). > The result has not been what I might have hoped for. > > First, I note that this email is going out unencrypted. Why? I don't > have a key that I can presume every person on this list will be able > to use to decrypt it, and I don't have a key for chair@ietf.org. Yes, > I know those are things our lack of a security architecture has not > sought to fix. There are at least a couple of ways to address it: we > could create a capability for such a key, and we could decrypt > signature-verified emails at the server and re-encrypt to list > members that we have the keys for. I'm sure our security community > can come up with a better answer than either, and I invite them to do > so. My point is that we can't "encrypt everything" if we can't > encrypt email sent to an alias. It's not just about encrypting. In many cases, there's trust involved (whether implicit or explicit). e.g., in your scenario of "decrypt and encrypt" at the server, I should be trusting the server. Is there a reason for that? Yes, that could be thing as "better than nothing".. but at the same time could give a false idea of security and also lead people that the email content is authentic, where it could have been maliciously modified at the server. HTTPS has similar issues (trusting whoever issued the certificate, trusting servers providing the content, etc.) > Second, many of my colleagues have asked me to remove their old keys > from my database, because they have forgotten them, although the PGP > repository has not. It may be necessary to purge the PGP database, > obsoleting and removing keys that have been superseded, and advising > holders of keys that their keys are old and should be updated. I > actually cannot encrypt to the entire set of keys I downloaded, only > those whose holders can still decrypt such communications. In this case, setting the keys to expire at some point when you create them makes sense. > Third, I note that when I receive a signed email that has gone > through an IETF alias, I can no longer verify the signature as a > result of content modification. What is the value of a signature one > cannot verify? I guess this depends on how you're signing. If you do in-line PGP, this shouldn't be an issue. Thanks, -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- On email and web security Fred Baker (fred)
- Re: On email and web security Paul Wouters
- Re: On email and web security Kathleen Moriarty
- Re: On email and web security Fernando Gont
- Re: On email and web security IETF Chair
- Re: On email and web security John Levine
- Re: On email and web security Michael Richardson
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Royer
- Re: On email and web security Doug Royer
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security l.wood
- Re: On email and web security Steve Crocker
- Re: On email and web security John Levine
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Dave Cridland
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security Doug Barton
- Re: On email and web security Doug Royer
- Re: On email and web security Matthew Kerwin
- Re: On email and web security Doug Royer
- Re: On email and web security John Levine
- Re: On email and web security Doug Barton
- Re: On email and web security John Levine
- Re: On email and web security Doug Barton
- Re: On email and web security Phillip Hallam-Baker
- Re: On email and web security George Michaelson