[perpass] PRISM-Proof Email, Key Management and Publication Specification

Phillip Hallam-Baker <hallam@gmail.com> Thu, 17 October 2013 22:12 UTC

I have produced a first draft of the specification for the Key Publication
service and key management tool that talks to it.

The code being documented is rough. Not least because the ASN.1 encoder I
wrote does not know about ASN.1 inanities like OPTIONAL, IMPLICIT or such
yet so the certs are not DER encoded.

http://tools.ietf.org/html/draft-hallambaker-prismproof-key-00


This specification represents one of the two interfaces to the blob in the
cloud that I call 'research'. We don't yet know the best approach to trust
management but it is going to be a lot easier to find out if we separate
that hard research problem from the 'plumbing' required to make secure
email work.

The other interface is the Omnibroker specification I wrote earlier this
year.

http://tools.ietf.org/html/draft-hallambaker-httpsession-01
http://tools.ietf.org/html/draft-hallambaker-wsconnect-04
http://tools.ietf.org/html/draft-hallambaker-omnibroker-06


I believe that between these specifications we have a fairly complete idea
of what the 'plumbing' side of 'Privacy Protected' Email should look like.

The Strong Email Addresses shown earlier provide a demonstration that we
can solve this problem for at least some class of email user using stock
email clients (OK plus a proxy gateway to send the mail).

If people would like to write code, we are at the point where that is now
practical. In addition it would be very useful if people could find out
information such as how various commonly used email clients store S/MIME
keys and how might a program do the user's job of configuration for them.

-- 
Website: http://hallambaker.com/