Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)
Keith Moore <moore@network-heretics.com> Tue, 03 May 2022 11:21 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2ADA1C15948C for <ietf@ietfa.amsl.com>; Tue, 3 May 2022 04:21:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.752
X-Spam-Level:
X-Spam-Status: No, score=-3.752 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-1.857, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YcjqhqHUb3K7 for <ietf@ietfa.amsl.com>; Tue, 3 May 2022 04:21:36 -0700 (PDT)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B7DBC15948A for <ietf@ietf.org>; Tue, 3 May 2022 04:21:36 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 4BF7C5C00BA for <ietf@ietf.org>; Tue, 3 May 2022 07:21:35 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute5.internal (MEProxy); Tue, 03 May 2022 07:21:35 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1651576895; x= 1651663295; bh=NCV3T3+9o1KexWKu/zzprZvIEWf0xMfKOUFZZ5Xz1AQ=; b=D Mv+Id9nKzGaV7z6DLSC0oTdVWQjjnLO4sLKRQH+Np/KEWlZiJkWeVYSJGp25EPqE ST3MrWJY1YHl2I/05TPiYUfk4+T/OeOJn0/j9du2Te7vIEY3d9zDCBsGCLvthq9M eYy4s4HPzzeC+1pqx3pPwtPmmj8xF1hCD2NBD6ms2KEeGMAMqUn45VwX9NbZKqUG kveTWH2U+TaudQP9f0+06WntuL/HCr92rNmueVR/RxDTmQcenYbgapg3dBZ4Lx9t k+L2KydWSxBgUUh/UctuMfBdIp/JgSdtqQSTja9ZlLka9Q2ww0krUp5r+7IMGZn+ iV3mv15oQoK2LO7g4pnzg==
X-ME-Sender: <xms:PxBxYmWvH5A8yC0XyKLyrcPKsvBSJmFuL-ExjdF7X9-LemYE2aLYyg> <xme:PxBxYimIJGR6FOnlqOI-GUk_ERKmjWPN4jVclRT09FR37PNSDSGQTlunowebsvbuX ghwENtL-gUOOw>
X-ME-Received: <xmr:PxBxYqYnD4EMiHaXF7t8wrRkSqEV-1hYCsVty4Gy9VQXqgn34V8KdyOEvK921PQUn0A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdejgdefkecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurheptgfkffggfgfuvfhfhfgjsegrtderre dtfeejnecuhfhrohhmpefmvghithhhucfoohhorhgvuceomhhoohhrvgesnhgvthifohhr khdqhhgvrhgvthhitghsrdgtohhmqeenucggtffrrghtthgvrhhnpeehfeduvdeggfefve eiiefggeeludefjeduieetledugeefffelffevieffkeeiffenucevlhhushhtvghrufhi iigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmohhorhgvsehnvghtfihorhhkqd hhvghrvghtihgtshdrtghomh
X-ME-Proxy: <xmx:PxBxYtVx_laTkOnIWk8if0RFUg_QQURi9oI3WFXJMJIOETqHxQm6_A> <xmx:PxBxYgmaO4fmv3aEWNqE2hH3fznjpWcH31aprwhmVrULOW0yqLXrlw> <xmx:PxBxYidI92-z8y716rK2ey2ruxDo0FLUgn2USFPEbIVARm6mckycrQ> <xmx:PxBxYszB7uICpiywVUdYEPvXHP-vwwDtnw9mg-yNs1enXsxvJ1S8tw>
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <ietf@ietf.org>; Tue, 3 May 2022 07:21:34 -0400 (EDT)
Content-Type: multipart/alternative; boundary="------------e4TxRNAX7tBWWLQR5rSRpYA9"
Message-ID: <3ccd160a-8f1e-2a43-73b1-504d114b7c70@network-heretics.com>
Date: Tue, 03 May 2022 07:21:26 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0
Subject: Re: the introduction problem, was Email and reputation (was Re: Service outages planned for April 25)
Content-Language: en-US
To: ietf@ietf.org
References: <dcc27c29-51f8-c2a4-8ce4-ee1a3c6cb017@nostrum.com> <AAE3C51B-0150-483C-8244-3D60BC31B19A@tzi.org> <2c5df733-0f86-d319-b886-81882328caa9@network-heretics.com> <1870005490.14504.1651151102962@appsuite-gw1.open-xchange.com> <t4f3j1$1mpc$1@gal.iecc.com> <626060406.28268.1651487745123@appsuite-gw1.open-xchange.com> <2480fd36-c16a-6d98-ddac-15d02259ffbe@taugh.com> <837df6ce-a771-ff2f-515b-1021cc242c23@network-heretics.com> <2E576046-0532-41C8-AF51-1C2D09BC8BAE@dukhovni.org>
From: Keith Moore <moore@network-heretics.com>
In-Reply-To: <2E576046-0532-41C8-AF51-1C2D09BC8BAE@dukhovni.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/xbfv6ELfMTFeFFPF360BQ95vjvs>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 May 2022 11:21:40 -0000
On 5/3/22 00:46, Viktor Dukhovni wrote: >> When there are multiple barriers to solving a problem, any one of those problems can become an excuse to avoid solving the other problems. > Key distribution and discovery isn't the fatal problem, the fatal problem > is that encrypted email is unusable once received and stored. > > Until encrypted email is usable (**search**, long-term signature validation, > personal private key rollover, ...), all the key distribution tech in the > world won't make it worth adopting. I wouldn't call such email entirely unusable, but clearly a system is more usable (for some meaning of "usable") if encrypted emails can be searched and signed emails can be verified long after such emails are received. I could take a stab at these problem and say that a message can be decrypted and/or its signature verified when read (assuming of course that the message is read a short time after it is sent, when the signing keys and associated certs are still valid), and save their own signature for the message ("message X was verified to be signed by Y by MUA Z on <date>". That's still nowhere nearly perfect, e.g. it might not hold up in court as evidence that the sender of the message did or did not say something. But it's probably good enough for the recipient, for most purposes, and still better than the situation we have today where we have no widespread encryption or signing for emails. (I think in that case the problem devolves to that of long term key storage for the recipient, which is admittedly a difficult problem by itself.) But that's just an example. I don't want to dismiss the problem or claim that it's solved with a wave of the hand. Perhaps a useful next step would be to try to list the problems associated with signed and/or encrypted email. Then any proposal could describe which of those problems it attempts to address, and how. Keith
- Service outages planned for April 25 Robert Sparks
- Re: Service outages planned for April 25 Robert Sparks
- Re: Service outages planned for April 25 tom petch
- Re: Service outages planned for April 25 Jay Daley
- Re: Service outages planned for April 25 Keith Moore
- Re: Service outages planned for April 25 Carsten Bormann
- Re: Service outages planned for April 25 Keith Moore
- Re: Service outages planned for April 25 Carsten Bormann
- Re: Service outages planned for April 25 Keith Moore
- Email and reputation (was Re: Service outages pla… Vittorio Bertola
- Re: Email and reputation (was Re: Service outages… Keith Moore
- Re: Mail is worse than everything except all the … John Levine
- Re: the introduction problem, was Email and reput… John Levine
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … Phillip Hallam-Baker
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … John R Levine
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … touch@strayalpha.com
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … Viktor Dukhovni
- Re: Mail is worse than everything except all the … Keith Moore
- Re: Mail is worse than everything except all the … touch@strayalpha.com
- Re: Mail is worse than everything except all the … Keith Moore
- Re: the introduction problem, was Email and reput… Vittorio Bertola
- Re: the introduction problem, was Email and reput… John R Levine
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Christian Huitema
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Viktor Dukhovni
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Michael Richardson
- Re: the introduction problem, was Email and reput… Laurence Lundblade
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… John Levine
- Re: the introduction problem, was Email and reput… Lyndon Nerenberg (VE7TFX/VE6BBM)
- Re: mail crypto, was the introduction problem, wa… John Levine
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… Christopher Morrow
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… John Levine
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Re: mail crypto, was the introduction problem, wa… Christopher Morrow
- Re: mail crypto, was the introduction problem, wa… Keith Moore
- Deployment strategy for email+ Was: Mail is worse… Phillip Hallam-Baker
- Re: mail crypto, was the introduction problem, wa… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… John Levine
- Re: the introduction problem, was Email and reput… Keith Moore
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… John R Levine
- Re: the introduction problem, was Email and reput… Phillip Hallam-Baker
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Re: the introduction problem, was Email and reput… Masataka Ohta
- Trying to do too much (was Re: the introduction p… Jim Fenton
- Re: Trying to do too much (was Re: the introducti… lloyd.wood@yahoo.co.uk
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Michael Richardson
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: potable e-mail, now Trying to do too much (wa… John Levine
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: Trying to do too much (was Re: the introducti… Phillip Hallam-Baker
- Re: potable e-mail, now Trying to do too much (wa… Michael Richardson
- Re: Trying to do too much (was Re: the introducti… Keith Moore
- Re: portable e-mail, now Trying to do too much (w… John R Levine
- Re: potable e-mail, now Trying to do too much (wa… Keith Moore
- Re: Trying to do too much (was Re: the introducti… Masataka Ohta
- Re: potable e-mail, now Trying to do too much (wa… Masataka Ohta
- Re: portable e-mail, now Trying to do too much (w… Michael Richardson
- Re: portable e-mail, now Trying to do too much (w… John Levine
- Re: portable e-mail, now Trying to do too much (w… Michael Richardson
- We are not a mail forwarding service Carsten Bormann
- Re: We are not a mail forwarding service John R Levine
- ugly hacks (was: Re: We are not a mail forwarding… Keith Moore
- Re: ugly hacks (was: Re: We are not a mail forwar… John Levine
- Re: ugly hacks (was: Re: We are not a mail forwar… Keith Moore
- Re: We are not a mail forwarding service Robert Sparks
- Re: We are not a mail forwarding service Carsten Bormann
- Re: portable e-mail, now Trying to do too much (w… Phillip Hallam-Baker
- Re: potable e-mail, now Trying to do too much (wa… Phillip Hallam-Baker
- Re: portable e-mail, now Trying to do too much (w… Keith Moore
- Re: portable e-mail, now Trying to do too much (w… Phillip Hallam-Baker