Re: [perpass] A proposal for developing PRISM-Proof email
Bjoern Hoehrmann <derhoermi@gmx.net> Sun, 22 September 2013 12:46 UTC
Return-Path: <derhoermi@gmx.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0149921F9FCE for <perpass@ietfa.amsl.com>; Sun, 22 Sep 2013 05:46:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.584
X-Spam-Level:
X-Spam-Status: No, score=-0.584 tagged_above=-999 required=5 tests=[AWL=-0.714, BAYES_40=-0.185, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X2+mcGwewDC8 for <perpass@ietfa.amsl.com>; Sun, 22 Sep 2013 05:46:22 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) by ietfa.amsl.com (Postfix) with ESMTP id A276021F9FBF for <perpass@ietf.org>; Sun, 22 Sep 2013 05:46:21 -0700 (PDT)
Received: from netb.Speedport_W_700V ([84.180.239.50]) by mail.gmx.com (mrgmx102) with ESMTPA (Nemesis) id 0Meutp-1VYxTG121R-00OXbi for <perpass@ietf.org>; Sun, 22 Sep 2013 14:46:20 +0200
From: Bjoern Hoehrmann <derhoermi@gmx.net>
To: Phillip Hallam-Baker <hallam@gmail.com>
Date: Sun, 22 Sep 2013 14:46:18 +0200
Message-ID: <84mt39ljo4sm6p6h9h5o1ker1fgigcdqke@hive.bjoern.hoehrmann.de>
References: <CAMm+Lwj8OSxsLG1yLYwbTaxd4stt=RryvRE2krFkYuUNh8Mu8g@mail.gmail.com>
In-Reply-To: <CAMm+Lwj8OSxsLG1yLYwbTaxd4stt=RryvRE2krFkYuUNh8Mu8g@mail.gmail.com>
X-Mailer: Forte Agent 3.3/32.846
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Provags-ID: V03:K0:emfVTg6+5ZF92JoRrjX83LsURNLT1XdEjZ+o+/VC5GqeWw3UoDC mwU1WrPP61IYIZeczeNCgXTmqq78eRY0eG3PJPtZ6oGIUO6036X4TkGg21QqEczJdAVP5/C UWs8Jqx8YcBWFy42EygJq+oCqyunShElQAjtP8HvQWSclNUWeReQXWwfvNKtROWSSOPNsaf QKWMaEycBZZaSXMAnV+iA==
Cc: perpass <perpass@ietf.org>
Subject: Re: [perpass] A proposal for developing PRISM-Proof email
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Sep 2013 12:46:26 -0000
* Phillip Hallam-Baker wrote: >We need an email security infrastructure and recent events demonstrate that >the infrastructure we develop needs to be proof against PRISM-class attacks. >http://www.ietf.org/id/draft-hallambaker-prismproof-dep-00.txt The document is a bit of a mixed bag mixing analysis, requirements, pro- posals, and other things in a manner I find hard to follow. To turn this a bit around, if I wanted to create a secure email system, the first thing I would probably think about is scope. You mention "PRISM". If "PRISM" is some sort of "FAA 702" program, and that law seems to be [The] Attorney General and the Director of National Intelligence may direct, in writing, an electronic communication service provider to (A) immediately provide the Government with all information, facilities, or assistance necessary to accomplish the acquisition in a manner that will protect the secrecy of the acquisition and produce a minimum of interference with the services that such electronic communication service provider is providing to the target of the acquisition; ... one scenario I would think about two people with tablet computers that run the Acme tablet operating system and they are both using the Acme Web Mail system through the Acme browser and they are connected to the Internet over Acme Fibre. Now the United States want to read their mails to determine whether they or their associates need to be brought free- dom and democracy, and they tell Acme to make that happen using the law above. Is the system supposed to help the two exchange mails securely? Another scenario is that the supposedly secure email system relies on personal private long-term cryptographic secrets, and then the system becomes popular. How long before helpful cloud backup and cross device synchronisation systems compromise the keys? For that matter, how many will surrender the keys freely to their web mail system, for spam and virus checks, or a coupon? On Google's Android system you can get some cloud backup service, but only if you let Google have all "your" Wi-Fi passwords (which often aren't yours to share with Google). I also wonder whether active MITM attacks, where the bits on the wire are changed, are really much of a concern for such a system, compared perhaps to mass-scale passive eavesdropping; how important is being able to find out whether your conversations are being monitored? Another point is compatibility with the deployed email infrastructure. It seems rather trivial these days to establish new communication sys- tems to hundreds of millions of users; it's been done quite a number of times in recent years. It seems to disregarding the deployed protocol might make many desirable features available that are difficult to fit in with the existing system, like encrypting subject headers and local parts of addresses. Similarily, some features might be easy to let go of, asynchronous offline delivery for instance is less interesting in a always-on world. That is what comes to mind thinking about securing the email system and it is a bit of a long way from there to issues around web browsers ge- nerating cryptographic certificates or the merits of S/MIME. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
- [perpass] A proposal for developing PRISM-Proof e… Phillip Hallam-Baker
- Re: [perpass] A proposal for developing PRISM-Pro… Bjoern Hoehrmann
- Re: [perpass] A proposal for developing PRISM-Pro… Adam Caudill
- Re: [perpass] A proposal for developing PRISM-Pro… Leif Johansson
- Re: [perpass] A proposal for developing PRISM-Pro… Jon Callas
- Re: [perpass] A proposal for developing PRISM-Pro… Phillip Hallam-Baker
- Re: [perpass] A proposal for developing PRISM-Pro… Scott Brim
- Re: [perpass] A proposal for developing PRISM-Pro… Leif Johansson
- Re: [perpass] A proposal for developing PRISM-Pro… Paul Kyzivat
- Re: [perpass] A proposal for developing PRISM-Pro… SM
- Re: [perpass] A proposal for developing PRISM-Pro… Bjoern Hoehrmann
- Re: [perpass] A proposal for developing PRISM-Pro… ned+perpass
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Stephen Farrell
- Re: [perpass] A proposal for developing PRISM-Pro… Randy Bush
- Re: [perpass] A proposal for developing PRISM-Pro… Dave Crocker
- Re: [perpass] A proposal for developing PRISM-Pro… Phillip Hallam-Baker
- Re: [perpass] A proposal for developing PRISM-Pro… Carl Wallace
- Re: [perpass] A proposal for developing PRISM-Pro… Phillip Hallam-Baker
- Re: [perpass] A proposal for developing PRISM-Pro… Carl Wallace
- Re: [perpass] A proposal for developing PRISM-Pro… Phillip Hallam-Baker
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Bjoern Hoehrmann
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Bjoern Hoehrmann
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Leo Vegoda
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Leo Vegoda
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Leo Vegoda
- Re: [perpass] A proposal for developing PRISM-Pro… Stephen Farrell
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Mike Demmers
- Re: [perpass] A proposal for developing PRISM-Pro… Elijah Sparrow
- Re: [perpass] A proposal for developing PRISM-Pro… Phillip Hallam-Baker
- Re: [perpass] A proposal for developing PRISM-Pro… Richard Shockey