Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?

Phillip Hallam-Baker <> Tue, 16 August 2016 20:29 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 05C3B12D827 for <>; Tue, 16 Aug 2016 13:29:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LD3f0UxADKgq for <>; Tue, 16 Aug 2016 13:29:49 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400d:c09::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3163D126D74 for <>; Tue, 16 Aug 2016 13:29:49 -0700 (PDT)
Received: by with SMTP id v123so82802395qkh.2 for <>; Tue, 16 Aug 2016 13:29:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=63AbuE4iXVWihs4T/bQU8DK0IfIFGSBkIJ6iC+C/ph8=; b=LB6xSTstNoYzv0HaguRbgcdlYpkXo8os+akg5sYRQuNuxyWEY6aZTpDoSqk3Rt8b1+ 9X8FHdAJlg6gSv+7DXZjoE56bp+WlaabrUwqwcdzZlIlB89mS1hljwpberTgCSLMXwIR qaMkLIZ4DmrXyv1I46z3ZKT3nSeJKdY/pMihatf1K+vV3BzkGtBifxDsYZ09JtL5DQNL PejYi94kfON1v9SoCzJ/GJpH06G3tNhx7g3rVWi+Fa+JiQCFYlxGM73SejmUtbQOhP1E I6u9K4td0jWRTYDDMHDF/WQfat6sfLcwOQunFUfO9LMtLUrOoz/uE2KuGd3VnZIfOITc NoPQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=63AbuE4iXVWihs4T/bQU8DK0IfIFGSBkIJ6iC+C/ph8=; b=WV6yVXc0/1GUJnryr1A5tZ/1zDarUnUTo1wOf2tp4W42jrVlzArYAPNTjupv4K8OzW aGRKlgL2t9rI8lIsQCittF+zAFB2ZNAQ9T4OgceJqQS93erS+HaeiR9jgnqK74RA1b8j up/iog+RsEZqaVU2PjyOZnKF8lAew36uLgQSR13cxqNOR3PO1zo0JApHH8/TDjWcpVXy rdtC5PtI6OAPYynmLd2+9kWyYENfgcaZbmCgVeBXLatsmhFb318LsKHT3wG8LVNHinRA /33aa4LXGK1g0b+9732r5wmq7U+OFEdZ707Rm06bZkopHRKKXJ0ZIr5fRrSCbrftaWlN UyYQ==
X-Gm-Message-State: AEkoouufu955/tDCClnzCqTi9xrXXfWww7cWLaRzvDX/H3DYNfC66ZuTQGzJVsGznc9qa134DjMFsgnSsWuHig==
X-Received: by with SMTP id 6mr38843166qkk.164.1471379388195; Tue, 16 Aug 2016 13:29:48 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Tue, 16 Aug 2016 13:29:47 -0700 (PDT)
In-Reply-To: <>
References: <20160701153304.332d2c95@pc1> <> <> <> <> <> <> <> <>
From: Phillip Hallam-Baker <>
Date: Tue, 16 Aug 2016 16:29:47 -0400
X-Google-Sender-Auth: QhJiWxxxe3jFX8BeoHQINQM-ZgQ
Message-ID: <>
To: ianG <>
Content-Type: multipart/alternative; boundary=001a114d873ec36d7a053a363519
Archived-At: <>
Cc: IETF OpenPGP <>
Subject: Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 16 Aug 2016 20:29:51 -0000

On Sun, Aug 14, 2016 at 10:37 AM, ianG <> wrote:

> Right - that word legacy.  My experiences are that you can get both of the
> tech stacks to handle the requirements with enough nailing and pain.  But
> at some point the tech stack starts to interfere too dramatically, and
> you're better off starting again.
> One issue to bear in mind is that we are talking about a rather narrow and
> dated concept - email.  In the pre-web world, all comms was basically
> email.  Most comms these days is not email.  And, what we knew about what
> was interesting in the late 1980s early 1990s is no longer the text book.
> Other methods/views/requirements are much more interesting.
> Which is to say, we could narrow the scope so that we could get these
> tools to finally slay the dual standard dragon, but we'd still be slaying a
> beast that is no longer big and scary.
> iang, chiming in yonks late.

​My thoughts pretty much.​

I see three possible paths towards convergence and I am trying for all

1) Converge S/MIME and OpenPGP standards to the point that they are
functionally interoperable. So just like the fact that 120V and 240V are
still in use, pretty much every laptop you buy will work on either without
issue. The supply voltage is no longer an issue for most equipment.

2) As in (1) above but the systems merge to the point that one or the other

3) Propose a completely new infrastructure that might supersede both
because it offers a major functional advance.

​I don't see much point in a third standard that does the same as OpenPGP
and S/MIME. But where there is opportunity is to offer wider functionality.

* If I have someone's public key, I should be able to contact them securely
by mail, chat, messaging, voice or video. ​

​* Integrating proxy re-encryption into the system so that it is possible
to have end to end secure confidential mailing lists, controlled document
distribution and support for individually keyed devices.

Right now I am looking at how to make use of proxy re-encryption as a
'clean slate' proposal. Once I get that working we can look at the system
and decide whether it makes sense to back-engineer it into legacy systems
or not. ​