Re: Why are mail servers not also key servers?
"John Levine" <johnl@taugh.com> Fri, 21 April 2017 02:12 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9003B128796 for <ietf@ietfa.amsl.com>; Thu, 20 Apr 2017 19:12:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.12
X-Spam-Level:
X-Spam-Status: No, score=-1.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Lr_ogpfWRuUM for <ietf@ietfa.amsl.com>; Thu, 20 Apr 2017 19:12:20 -0700 (PDT)
Received: from miucha.iecc.com (w6.iecc.com [IPv6:2001:470:1f07:1126::4945:4343]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6496D126D85 for <ietf@ietf.org>; Thu, 20 Apr 2017 19:12:20 -0700 (PDT)
Received: (qmail 87968 invoked from network); 21 Apr 2017 02:12:18 -0000
Received: from unknown (64.57.183.18) by mail1.iecc.com with QMQP; 21 Apr 2017 02:12:18 -0000
Date: Fri, 21 Apr 2017 02:11:56 -0000
Message-ID: <20170421021156.25637.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: Why are mail servers not also key servers?
In-Reply-To: <3BAB6CADBB6CA243A443E7C6674F2AB4082F04A1D6@PTPTVDEX02.PTPortugal.corpPT.com>
Organization:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/uWvHoP2uHNKhiw0G_MsNem2Q7IM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Apr 2017 02:12:22 -0000
In article <3BAB6CADBB6CA243A443E7C6674F2AB4082F04A1D6@PTPTVDEX02.PTPortugal.corpPT.com> you write: >Thanks Paul. We're considering untrustable email/DNS/... servers. OK. > >This particular email hasn't any jurisprudence value. However, it could have the same value as a registered letter, couldn't it? Postal mail isn't a very good analogy here. Registered postal mail depends on a trusted third party, the government post office, to make assertions about the mail it handles. It typically provides two services. One is reliable delivery of valuable physical objects like jewelry which doesn't apply to e-mail. The other is to prove that one party sent a message to a second, even if the second party doesn't want it and won't sign for it. (The usual example is a letter from your insurance company saying they've canceled your policy.) In the US they're separate services Registered and Certified mail, elsewhere they're usually combined. E-mail crypto doesn't do either of those things. A digital signature says that this message really came from whoever, with the physical analogy being a notary stamp. Encrypted e-mail doesn't promise that the mail will be delivered, but makes a negative promise that it will not be delivered to (or at least read by) anyone but the person with the key. If a recipient is cooperative, and sends you back a message signed with the same key to which you encrypted the message, that tells you he got it, but that's not a very interesting case. In the real world we have centuries of law and practice that tell notaries how to verify someone's identity, and tell recipients what the value of a notary stamp is. In e-mail, we have the web of trust for PGP and for S/MIME third party CAs (or DANE domain assertions) none of which map very well into the way we manage identities in the normal world. R's, John
- Why are mail servers not also key servers? Jon
- Re: Why are mail servers not also key servers? Nico Williams
- Re: Why are mail servers not also key servers? Viktor Dukhovni
- Re: Why are mail servers not also key servers? Paul Wouters
- Re: Why are mail servers not also key servers? Yoav Nir
- Re: Why are mail servers not also key servers? Yoav Nir
- Re: Why are mail servers not also key servers? Paul Wouters
- Re: Why are mail servers not also key servers? Viktor Dukhovni
- Re: Why are mail servers not also key servers? Matthew Kerwin
- Re: Why are mail servers not also key servers? Jon
- Re: Why are mail servers not also key servers? Nico Williams
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Viktor Dukhovni
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? John Levine
- Re: Why are mail servers not also key servers? Paul Wouters
- Re: Why are mail servers not also key servers? Phillip Hallam-Baker
- RE: Why are mail servers not also key servers? Paul Wouters
- RE: Why are mail servers not also key servers? Rui Costa
- RE: Why are mail servers not also key servers? Rui Costa
- Re: Why are mail servers not also key servers? Martin Thomson
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? John Levine
- Re: Why are mail servers not also key servers? Philip Homburg
- Re: Why are mail servers not also key servers? John Levine
- Re: Why are mail servers not also key servers? Phillip Hallam-Baker
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Rich Kulawiec
- Re: Why are mail servers not also key servers? John C Klensin
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? John C Klensin
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Phillip Hallam-Baker
- Re: Why are mail servers not also key servers? Philip Homburg
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Phillip Hallam-Baker
- Re: Why are mail servers not also key servers? Wei Chuang
- Re: Why are mail servers not also key servers? Phillip Hallam-Baker
- Re: Why are mail servers not also key servers? John R Levine
- Re: Why are mail servers not also key servers? Martin Thomson
- Re: Why are mail servers not also key servers? Phillip Hallam-Baker
- Re: Why are mail servers not also key servers? Dave Crocker
- Re: Why are mail servers not also key servers? Doug Royer
- Re: Why are mail servers not also key servers? Doug Royer