IETF Logo Mail Archive

Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?

Derek Atkins <derek@ihtfp.com> Fri, 01 July 2016 15:10 UTC

Return-Path: <derek@ihtfp.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AB7D12D69E for <openpgp@ietfa.amsl.com>; Fri, 1 Jul 2016 08:10:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ihtfp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bv0UFZZCzY2a for <openpgp@ietfa.amsl.com>; Fri, 1 Jul 2016 08:10:34 -0700 (PDT)
Received: from mail2.ihtfp.org (MAIL2.IHTFP.ORG [204.107.200.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B89912D14D for <openpgp@ietf.org>; Fri, 1 Jul 2016 08:10:34 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail2.ihtfp.org (Postfix) with ESMTP id 539F4E2039; Fri, 1 Jul 2016 11:10:33 -0400 (EDT)
Received: from mail2.ihtfp.org ([127.0.0.1]) by localhost (mail2.ihtfp.org [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 27994-03; Fri, 1 Jul 2016 11:10:30 -0400 (EDT)
Received: from securerf.ihtfp.org (IHTFP-DHCP-159.IHTFP.ORG [192.168.248.159]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mocana.ihtfp.org", Issuer "IHTFP Consulting Certification Authority" (verified OK)) by mail2.ihtfp.org (Postfix) with ESMTPS id 77B23E2030; Fri, 1 Jul 2016 11:10:30 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ihtfp.com; s=default; t=1467385830; bh=mttyTBnmxMoTqj5Py9fCan4xDrDfw/zvjPEziVgKV/c=; h=From:To:Cc:Subject:References:Date:In-Reply-To; b=JHCZQYyKqd1eeNCkYECtKzO38T9pu7kRcmv7MG1MFkGDy6Aes49FJAwZ7Rjuq5Axl Rz//m+U3RnP9e2HWHrL2CavKaFxGWzHozrLfWQChis2ipEb19H14NEv6lg/EV/N/9u JbcNv5gFWy7h6pYKM+lakk1m1lksGX4CVJ59cMBA=
Received: (from warlord@localhost) by securerf.ihtfp.org (8.15.2/8.14.8/Submit) id u61FATTP009078; Fri, 1 Jul 2016 11:10:29 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Hanno Böck <hanno@hboeck.de>
References: <20160701153304.332d2c95@pc1>
Date: Fri, 01 Jul 2016 11:10:29 -0400
In-Reply-To: <20160701153304.332d2c95@pc1> ("Hanno Böck"'s message of "Fri, 1 Jul 2016 15:33:04 +0200")
Message-ID: <sjmwpl5qtqy.fsf@securerf.ihtfp.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Maia Mailguard 1.0.2a
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/C0ibbTegeAwkn_bNc63RqmvNhNw>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Jul 2016 15:10:37 -0000

Hi Hanno,

Hanno Böck <hanno@hboeck.de> writes:

[snip]
> So the question is: Instead of making RFC4880bis a "new OpenPGP
> standard", could it instead be a successor of both OpenPGP and S/MIME?
> Maybe it needs a new name, maybe not. There seems to be an smime working
> group and there is still some activity, although the last RFC was
> published in 2009. Things would obivously have to be coordinated so
> that there is wide acceptance of the new standard.

Unfortunately from a process standpoint that is not an option.  That's
not to say that we cannot write such a draft/document, but it cannot be
"4880bis".

> Technically it would probably mean to create a compatibility layer to
> be able to use both X.509 certificates and PGP keys to encrypt. But
> that shouldn't be too hard, as the keys itself are just numbers, the
> major difference is just the storage format.
>
> Maybe this is a crazy idea, but maybe this could also be a chance to
> fix one of the biggest mistakes in email encryption.

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant

v2.23.0 | Report a Bug | By Email