Re: [openpgp] mailing list: managing the subscriber list
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 04 February 2016 15:41 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1B5041B31BE for <openpgp@ietfa.amsl.com>; Thu, 4 Feb 2016 07:41:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.621
X-Spam-Level:
X-Spam-Status: No, score=0.621 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4QNbriFOOgDX for <openpgp@ietfa.amsl.com>; Thu, 4 Feb 2016 07:41:57 -0800 (PST)
Received: from mail-lf0-x234.google.com (mail-lf0-x234.google.com [IPv6:2a00:1450:4010:c07::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 786341B31BC for <openpgp@ietf.org>; Thu, 4 Feb 2016 07:41:56 -0800 (PST)
Received: by mail-lf0-x234.google.com with SMTP id 78so38733808lfy.3 for <openpgp@ietf.org>; Thu, 04 Feb 2016 07:41:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=A0GsctPaFSWReVwTMzJJADxyQm//dv7HD69x9iJGt/M=; b=Ze55ZQTfdLk+sfdTxZJQ2iG2jQUrrelTg3ROGZcHj2ts9u9h3Uj0GhjNEGshXQL2Is /LUFincdpGSTTYDgEuV3Esroeq5Bxz3PJaPB4k3tf/f8DJ43+uUkYZqhlu5wOi8x+Ixz UaR7/dkg/aBNMwdGesZJeNIAUEEDd1AqZ7fs7G0yvZfFqbZGt3nGNweQ78/SrTceYgYH NhKspNqypMmmPb2iu2bDQNPxlBliLDkzpDfJMRUIZ5qAjinySFVkWlGrjNcmfakzE5Oa r7cwQFIXVeE/sEFogP+JZp5lOP7bRUKCWqPj/futERuHPiEf8351ZQxHsbvbJBFeLsAx d9FQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=A0GsctPaFSWReVwTMzJJADxyQm//dv7HD69x9iJGt/M=; b=OCLa2+ow1sPaKV0cQWhy4C2pOZYnxlZ7LZXXGX5s8XohsQlIy6WTlQrvGMCFPVLwke rtgFIHseiAK6IDePc/RnQscKo1A9t3oMgA/gAXMwD6X7pmvXQWPgcHfJmwsGM1s2I7KI zyPErSZ0zgwGH50nj/UoET4d7dXgp2wtvPu2ZgRQoQ2XY1pX70CL7ZiiQBH7Ba1Xo1in OcME0dprw11UpXjMfgJX6J4jnsGkQlrjdPYExAPqSEYGXqyQ4KH9aM2ZgKc1+4hZySKy FhlN+OxyBNjzRVsKkpTG1eIqBRZHvEVB8mlWmXb3XHnQxaffLSnQMpnRXoGnoxRfLb/T YplA==
X-Gm-Message-State: AG10YOTYZhDU/47Ei5cVDbcJKZsL3+Xf/26tmnauJhNdqs4M0d3y6UTOIG24Q0IZz6BRc5h14zJke1T2TN2FkQ==
MIME-Version: 1.0
X-Received: by 10.25.138.194 with SMTP id m185mr3770824lfd.67.1454600514743; Thu, 04 Feb 2016 07:41:54 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.49.80 with HTTP; Thu, 4 Feb 2016 07:41:54 -0800 (PST)
In-Reply-To: <87twmje02x.fsf@vigenere.g10code.de>
References: <87ziwd3yrn.wl-neal@walfield.org> <56938B98.7000707@openfortress.nl> <87r3hn4tw2.wl-neal@walfield.org> <87twmje02x.fsf@vigenere.g10code.de>
Date: Thu, 04 Feb 2016 10:41:54 -0500
X-Google-Sender-Auth: GozCsJBSeIniY2Qx_Zndzooz9Co
Message-ID: <CAMm+Lwh-ucJ39ZOGKKvzrUK3k-7mkgyQY4KF95pmo02f5Ntseg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: "Neal H. Walfield" <neal@walfield.org>, Rick van Rein <rick@openfortress.nl>, IETF OpenPGP <openpgp@ietf.org>, Matthew Green <matthewdgreen@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/saGIyETRKCl_6sV2qS7HA2cRgKY>
Subject: Re: [openpgp] mailing list: managing the subscriber list
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Feb 2016 15:41:59 -0000
On Tue, Jan 12, 2016 at 2:19 AM, Werner Koch <wk@gnupg.org> wrote: > On Mon, 11 Jan 2016 23:46, neal@walfield.org said: > >> There are two types of re-encryption that I think are inappropriate: >> >> - when the mailing list software decrypts and reencrypts each >> message before forwarding it on to the list of subscriber, and, > > As soon as you are in the need for a mailing list you have severe opsec > problems which I consider not solvable: You not only need to fully trust > all participants but also need to make sure that _all_ their boxes are > properly secured against attacks. > > Adding another box to reencrypt the messages does not change the picture > much more than adding another subscriber. > > I heard that Schleuder (schleuder.nadir.org or apt-get install schleuder) > is a matured tool for encrypted group communication. There is an approach that I think works but it requires significant changes to the OpenPGP protocol. The problem with having to have a trusted box as the remailer is the same as the problem with using STARTTLS to secure SMTP - running a server is expensive. The incremental cost for sending additional messages is almost nil. But if you want to completely trust a service you have to have your own machine, run it in a trusted location, etc. That costs several $1000s a year for even a basic setup. For something that is really secure you are looking at seven figures plus. So if we want the system to be accessible, it has to be possible to run all the code on a machine managed by a data canter run by daleks without a confidentiality or integrity concern (a service provider will always be able to deny service). This is the problem that proxy re-encryption solves. Instead of decrypting the message at the server and re-encrypting it, the server recrypts the message using a key that transforms the data encrypted for one key to data encrypted with a different one. There are good ways to do this that appear to be unencumbered for Diffie Hellman (if anyone knows of patents, please let me know). The problem is that these techniques don't solve the general case of Alice sets up the server and gives it a key that allows it to convert a message encrypted under the mailing list key to Bob's public key published in a directory. What it does allow is to encrypt the message to a key that Alice has picked and assigned to Bob. That key can then be sent as an encrypted blob along with the message. What this would require is specifying a new encryption algorithm type for recryption. It is probably best to leave off doing that until CFRG is done.
- [openpgp] mailing list: managing the subscriber l… Neal H. Walfield
- Re: [openpgp] mailing list: managing the subscrib… Rick van Rein
- Re: [openpgp] mailing list: managing the subscrib… Neal H. Walfield
- Re: [openpgp] mailing list: managing the subscrib… Rick van Rein
- Re: [openpgp] mailing list: managing the subscrib… Werner Koch
- Re: [openpgp] mailing list: managing the subscrib… Neal H. Walfield
- Re: [openpgp] mailing list: managing the subscrib… Neal H. Walfield
- Re: [openpgp] mailing list: managing the subscrib… vedaal
- Re: [openpgp] mailing list: managing the subscrib… Phillip Hallam-Baker