Re: [perpass] Another mail-related proposal

Jim Fenton <fenton@bluepopcorn.net> Sun, 18 August 2013 16:44 UTC

Return-Path: <fenton@bluepopcorn.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B668021F9B90 for <perpass@ietfa.amsl.com>; Sun, 18 Aug 2013 09:44:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Th9gDtI+eKDs for <perpass@ietfa.amsl.com>; Sun, 18 Aug 2013 09:44:05 -0700 (PDT)
Received: from kernel.bluepopcorn.net (ipv6.bluepopcorn.net [IPv6:2001:470:1f05:bfe:21a:70ff:fe11:c889]) by ietfa.amsl.com (Postfix) with ESMTP id 1DC3B21F9B8D for <perpass@ietf.org>; Sun, 18 Aug 2013 09:44:05 -0700 (PDT)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by kernel.bluepopcorn.net (8.14.4/8.14.4/Debian-2.1ubuntu1) with ESMTP id r7IGi3C4005527; Sun, 18 Aug 2013 09:44:03 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net; s=supersize; t=1376844244; bh=XvJvlcL6iDQxjvWyLBF915d5AiyhVyB/XqDYLzaWJ3w=; h=Date:From:To:CC:Subject:References:In-Reply-To:From; b=OfWzKttwqUwalmGmpl+4n9XXChsPfRC6Hw30L56cevJcFG4dR3JUc8wiKmfbVsvcy bVwbZAAojVc2tBo7lvGanKRgls9wwqFoZ3TCWy1NlLqmYDATmkbb/r88FU9LDebpGK qZudE3Q/0zJ8HKX6nWquSJPxP3NQH9eRJu0TYt+0=
Message-ID: <5210F9D3.5010302@bluepopcorn.net>
Date: Sun, 18 Aug 2013 09:44:03 -0700
From: Jim Fenton <fenton@bluepopcorn.net>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130803 Thunderbird/17.0.8
MIME-Version: 1.0
To: Dan Schlitt <schlitt@theworld.com>
References: <520FE08B.80005@bluepopcorn.net> <alpine.LFD.2.10.1308171723400.14413@bofh.nohats.ca> <5210643F.8030709@bluepopcorn.net> <m2bo4vcuup.wl%randy@psg.com> <Pine.SGI.4.61.1308180959010.1312964@shell01.TheWorld.com>
In-Reply-To: <Pine.SGI.4.61.1308180959010.1312964@shell01.TheWorld.com>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: perpass@ietf.org
Subject: Re: [perpass] Another mail-related proposal
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Aug 2013 16:44:05 -0000

On 08/18/2013 07:01 AM, Dan Schlitt wrote:
>
> I thought that I was long ago taught that encrypting only messages
> with "sensitive information" in them was bad security. The encrypted
> messages called attention to them and even if they could not be read
> were subject to traffic analysis.
>

What I'm proposing is slightly different. We would still encrypt (at
transport level) all messages when that's possible, and the sensitivity
of the message would be visible only if the receiving MTA doesn't
support TLS or offer this extension. The sending MTA would first
STARTTLS, and if that fails would just QUIT, not giving a specific
indication about why it didn't send a message (although there would be
circumstantial evidence, of course).

Interesting observation.

-Jim
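The sending-MTA behaviour Jim describes above (try STARTTLS first; if the peer does not offer it or the command fails, just QUIT without saying why), as an added example that is not part of the original post, of the perpass list or of any real MTA. It is a Python simulation against a scripted in-memory SMTP peer: the hostnames, the replies and the `require_tls` policy flag are constructed assumptions, and the unnamed SMTP extension from the proposal is not modelled, only the STARTTLS fallback. The point it makes visible is that a deferred sensitive message and a deferred ordinary message put exactly the same commands on the wire, so the abort itself carries no specific indication of sensitivity.

```python
"""Simulation of a sending MTA that requires TLS for sensitive messages.

Added example, not code from the post or from any MTA. The peer below is a
constructed stand-in that answers with scripted replies; nothing here opens
a socket.
"""

from dataclasses import dataclass, field


@dataclass
class FakeSmtpServer:
    """Minimal scripted SMTP peer (constructed for the example)."""
    offers_starttls: bool           # does EHLO advertise STARTTLS?
    starttls_succeeds: bool = True  # does the STARTTLS command get 220?
    transcript: list = field(default_factory=list)

    def handle(self, line):
        """Record a client command and return the scripted reply."""
        self.transcript.append("C: " + line)
        verb = line.split()[0].upper()
        if verb == "EHLO":
            exts = ["250-mx.example.test", "250-SIZE 35882577"]
            if self.offers_starttls:
                exts.append("250-STARTTLS")
            exts.append("250 8BITMIME")
            reply = "\r\n".join(exts)
        elif verb == "STARTTLS":
            reply = ("220 Ready to start TLS" if self.starttls_succeeds
                     else "454 TLS not available due to temporary reason")
        elif verb in ("MAIL", "RCPT"):
            reply = "250 OK"
        elif verb == "DATA":
            reply = "354 End data with <CR><LF>.<CR><LF>"
        elif verb == ".":
            reply = "250 OK queued"
        elif verb == "QUIT":
            reply = "221 Bye"
        else:
            reply = "500 Unknown command"
        self.transcript.append("S: " + reply)
        return reply


def deliver(server, sender, recipient, require_tls):
    """Sending-MTA decision logic from the post.

    require_tls=False is the ordinary opportunistic case: encrypt when the
    peer allows it, otherwise fall back to cleartext.  require_tls=True is
    the sensitive-message case: if TLS cannot be set up, QUIT and defer.
    Returns (status, transcript) with status in
    {'sent', 'sent-cleartext', 'deferred'}.
    """
    ehlo = server.handle("EHLO mta.sender.test")
    # Keywords advertised after the first "250-hostname" line.
    advertised = {l[4:].split()[0].upper() for l in ehlo.split("\r\n")[1:]}
    tls_ok = False
    if "STARTTLS" in advertised:
        tls_ok = server.handle("STARTTLS").startswith("220")
    if not tls_ok and require_tls:
        # No TLS: abort with a bare QUIT.  Nothing sent so far differs from
        # a client that simply changed its mind, so the peer learns only
        # that no message was delivered.
        server.handle("QUIT")
        return "deferred", server.transcript
    server.handle(f"MAIL FROM:<{sender}>")
    server.handle(f"RCPT TO:<{recipient}>")
    server.handle("DATA")
    server.handle(".")
    server.handle("QUIT")
    return ("sent" if tls_ok else "sent-cleartext"), server.transcript


def client_commands(transcript):
    """The commands an observer of the connection would see from the client."""
    return [l for l in transcript if l.startswith("C: ")]


if __name__ == "__main__":
    for offers, ok, sensitive in [(True, True, True), (False, True, True),
                                  (False, True, False), (True, False, True)]:
        status, t = deliver(FakeSmtpServer(offers, ok), "a@sender.test",
                            "b@example.test", require_tls=sensitive)
        print(f"starttls offered={offers} works={ok} sensitive={sensitive}"
              f" -> {status}: {client_commands(t)}")
```

Running the block prints one line per scenario; the two deferred cases show an identical command sequence (EHLO, optionally STARTTLS, QUIT), which is the "circumstantial evidence only" property the post describes.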