Re: [openpgp] Manifesto - who is the new OpenPGP for?

[ianG <iang@iang.org>]

On 26/03/2015 03:56 am, Phillip Hallam-Baker wrote:
> On Wed, Mar 25, 2015 at 7:44 PM, Tim Bray <tbray@textuality.com> wrote:
>> You guys are taking it as axiomatic that a high-quality UX can't be provided
>> for users of OpenPGP.  Used OpenKeychain recently? Not quite there yet, but
>> I think your axiom is looking a little shaky.
>
> Certainly not me.


That's a very important observation.  I don't take it as axiomatic, I 
take it as somewhere between very hard and the wrong question.

Almost the whole problem comes down to time & knowledge.  As I never 
tire of saying, what we knew in 1992 is no longer state of the art; 
we've moved on since then:



Messaging is no longer the same:  we need chat, voice & video, and these 
are challenging in formats, patterns and networking, but also open up 
possibilities for authentication.  Including Tom Ritter's challenging 
post.  PGP was designed for cut&paste email, that's not only the least 
interesting thing, it's also an older generation thing which might not 
be worth protecting at all in 20 years.  With a nod to PHB's approach of 
toughest first.

Storage has changed:  we no longer consider a message over the wire as 
the same thing as a message at rest on disk.  We do/don't keep video 
chat, we do/don't take naughty snaps using screen shots.  We do/don't 
share huge files (movies) for which OpenPGP is entirely unsuited because 
it assumes everything is a datagram, and 16G datagrams aren't supported 
by any other software.

Evidence has changed:  we do/don't keep transcripts around for evidence. 
  We do/don't think of digsigs as human signatures.  We do/don't worry 
about removal of files.  We do/don't consider the wire to be a threat 
and we do/don't consider our counterparty to be a threat.

WoTs are no longer the same:  we now have social networks, which love 
them or hate them, have raised the bar so substantially that the PGP's 
communal notions of WoT are vestigial.

Value has changed:  we now have serious and competing payment systems, 
all of whom want to integrate with all aspects of life.

Computing & networking has changed:  we can no longer rely on our own 
trusted platform.  We can't rely on "one platform" and we can't rely on 
ownership, eg BYOD.   Instead it's all mobile, and we're at the mercy of 
what we get given, and what they bring.  Small factors, always present, 
always online, always travelling.

Our models of shared computing are changing:  As Derik mentioned, PGP 
started in a keys-in-pocket age, but we also had client-server + 
enrollment with S/MIME.  Then there's social networking, and now there's 
cloud.  Popular is blockchain, various groups are trying to put 
'identity' onto a shared context, which also answers part of Derik's 
implied permissionless requirement.



So, what do we want to use PGP for, and is that still good?

In 1992, almost everything about securely using the Internet could be 
answered by saying "use PGP".  In 2015, almost nothing about security 
using the Internet can be answered by "use PGP" at least the old one.



iang



> PrismProof email makes S/MIME completely frictionless in use by
> essentially grafting the PGP fingerprint trust model onto S/MIME.
>
>
> I think the idea that we are going to get anywhere by pointing to the
> faults in opposing systems is also flawed.
>
> S/MIME and PGP have both suffered from lousy usability because the
> original trust models simply don't work. X.509 is fine as a
> certificate format, but there is no key discovery infrastructure until
> deployment of X.500 is complete. Web of Trust is a fine academic
> theory but it is not how OpenPGP is really used in the real world.
>
> The lesson here that I draw is to look at how people are actually
> using OpenPGP in practice and work out ways to apply the same approach
> to other similar problems.
>
>
> I do use one trick I borrowed from TimBL, take all the information you
> need to establish a connection and smoosh it together in one
> identifier:
>
> AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB?alice@example.com
>
>
> But more recently, I have been playing about with games similar to .onion:
>
> alice@example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB
> http://example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB/
>
>
> OK, so what is going on here? Well we have a fingerprint as the
> rightmost (i.e. most important) item in the DNS identifier. Which
> means 'require a signed security policy describing how to interact
> with the identifier to the left.'
>
> So if you want to send email to alice@example.com, do so under a
> security policy that is signed under a key with the fingerprint
> AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB.
>
>
> That security policy could say something like 'use PGP encryption to this key'.
>
> One of the things OpenPGP proves is that we can quite easily build an
> infrastructure that maps from a fingerprint to a security policy. But
> one of the major changes since BaL and David and co put the MIT PGP
> server together, the Harber-Stornetta patents have expired and we now
> have better options like TRANS (or the BitCoin blockchain without the
> need to wade through treacle).
>
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
>