[openpgp] Can the OpenPGP vs. S/MIME situation be fixed?
Hanno Böck <hanno@hboeck.de> Fri, 01 July 2016 13:33 UTC
Date: Fri, 01 Jul 2016 15:33:04 +0200
From: Hanno Böck <hanno@hboeck.de>
To: IETF OpenPGP <openpgp@ietf.org>
Message-ID: <20160701153304.332d2c95@pc1>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/mt4mYGrXuXPoNhsCbnu6xjlXPkg>
Hi,

Maybe this is a crazy idea, but I wanted to throw it into the discussion.

IMHO a big problem with e-mail encryption is that there are two competing "official" standards: OpenPGP and S/MIME. Both are RFCs, so both have a kinda "official" IETF approval.

I think it was a big mistake to create two competing standards in the first place, but that was back in the 90s. So we may ask if we want to live forever with this situation or if it can be fixed.

One of the most common explanations for the two standards I hear is that S/MIME is the solution for business communications while OpenPGP is more for private users. This never made a lot of sense to me, because there are plenty of situations where "business" people may have to communicate with "private" people. And the requirements aren't any different. E-Mail encryption is supposed to ensure that no unauthorized people can read or manipulate your mail; that doesn't change whether you're using E-Mail for private or business communication. So essentially I think there is no rational case for competing standards.

So the question is: Instead of making RFC4880bis a "new OpenPGP standard", could it instead be a successor of both OpenPGP and S/MIME? Maybe it needs a new name, maybe not.

There seems to be an smime working group and there is still some activity, although the last RFC was published in 2009. Things would obviously have to be coordinated so that there is wide acceptance of the new standard.

Technically it would probably mean to create a compatibility layer to be able to use both X.509 certificates and PGP keys to encrypt. But that shouldn't be too hard, as the keys themselves are just numbers, the major difference is just the storage format.

Maybe this is a crazy idea, but maybe this could also be a chance to fix one of the biggest mistakes in email encryption.

--
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42
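Added example (not part of the original message): the remark that the keys are just numbers in different storage formats, shown for RSA. One constructed (n, e) pair is written as an X.509 SubjectPublicKeyInfo and as an OpenPGP v4 public-key packet body, then read back from each; the toy modulus, the function names and the creation timestamps are assumptions made for the illustration.

```python
import hashlib

RSA_OID = bytes.fromhex("06092a864886f70d010101")  # OID 1.2.840.113549.1.1.1 (rsaEncryption)
N, E = (2**521 - 1) * (2**607 - 1), 65537  # constructed toy key, for illustration only

def der(tag, body):  # DER tag-length-value, short or long definite length
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def der_int(v):  # INTEGER is signed, so a set top bit needs a leading zero byte
    return der(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def spki(n, e):  # X.509 SubjectPublicKeyInfo carrying an RSAPublicKey
    key = der(0x30, der_int(n) + der_int(e))
    alg = der(0x30, RSA_OID + b"\x05\x00")
    return der(0x30, alg + der(0x03, b"\x00" + key))

def mpi(v):  # OpenPGP MPI: 2-byte bit count, then the magnitude
    return v.bit_length().to_bytes(2, "big") + v.to_bytes((v.bit_length() + 7) // 8, "big")

def pgp_key_body(n, e, created):  # v4 public-key packet body, algorithm 1 = RSA
    return b"\x04" + created.to_bytes(4, "big") + b"\x01" + mpi(n) + mpi(e)

def pgp_fingerprint(body):  # v4 fingerprint: SHA-1 over 0x99, 2-byte length, body
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest()

def tlv(buf, pos=0):  # returns (tag, value, next_pos) for the DER element at pos
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:  # long form: low 7 bits count the length bytes that follow
        n, pos = int.from_bytes(buf[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
    return tag, buf[pos:pos + n], pos + n

def read_spki(blob):
    outer = tlv(blob)[1]
    _, _, p = tlv(outer)                  # skip AlgorithmIdentifier
    seq = tlv(tlv(outer, p)[1][1:])[1]    # BIT STRING minus its unused-bits byte
    _, nb, p = tlv(seq)
    return int.from_bytes(nb, "big"), int.from_bytes(tlv(seq, p)[1], "big")

def read_mpis(body):
    out, pos = [], 6                      # skip version, creation time, algorithm
    while pos < len(body):
        end = pos + 2 + (int.from_bytes(body[pos:pos + 2], "big") + 7) // 8
        out.append(int.from_bytes(body[pos + 2:end], "big"))
        pos = end
    return tuple(out)
```

The OpenPGP v4 fingerprint hashes the creation time along with n and e, so the same numbers packaged with a different timestamp get a different fingerprint, while the SubjectPublicKeyInfo bytes depend only on the key.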