[perpass] Mail encryption as an example

Yaron Sheffer <yaronf.ietf@gmail.com> Sat, 17 August 2013 11:51 UTC

Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id CA0AC11E80F6 for <perpass@ietfa.amsl.com>; Sat, 17 Aug 2013 04:51:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id Sl+wIMgISdoc for <perpass@ietfa.amsl.com>; Sat, 17 Aug 2013 04:51:29 -0700 (PDT)
Received: from mail-wg0-x22a.google.com (mail-wg0-x22a.google.com [IPv6:2a00:1450:400c:c00::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 0D28A11E80C5 for <perpass@ietf.org>; Sat, 17 Aug 2013 04:51:28 -0700 (PDT)
Received: by mail-wg0-f42.google.com with SMTP id j13so1952301wgh.3 for <perpass@ietf.org>; Sat, 17 Aug 2013 04:51:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; bh=KvQOQVwM7r/AMlcwPd8Tz/mmwZoufEjxf8XY1hTbUi0=; b=yjqIQ45BppbBo0rEJq1vULGcimHXay1RC+WTICJ95DiUk3QxCkAB5lO59zzRHwwYlB 3mhcpJ944FJldi7RMbxiMT5UE1+ZM4TjGTgbssrFFst9VIX2D1Sb4/TjiApCBD3u8BnI +WwOOr9vP4pvU7Q8MJra9ALlrx0ogi1MF5u8Stk9+CI6X6xhZZjmD04L5S790Q8txHBG Zynn9b4ovqhX8L72XlRW46DXu12iZzQnEAW3Ch5PbjeBqcS29RW8cwdh6gMHGz0JYnFP ffCZsFSAiJ79+hK41wA7UQ+Ffu3BROjKZEfbakHIGS84r/fltnkz52j3Z12QEWeAuy9R jtqg==
X-Received: by with SMTP id bv10mr1227208wib.65.1376740287408; Sat, 17 Aug 2013 04:51:27 -0700 (PDT)
Received: from [] ([]) by mx.google.com with ESMTPSA id ee5sm3006221wib.3.1969. (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 17 Aug 2013 04:51:26 -0700 (PDT)
Message-ID: <520F63BC.7030808@gmail.com>
Date: Sat, 17 Aug 2013 14:51:24 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130804 Thunderbird/17.0.8
MIME-Version: 1.0
To: perpass@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [perpass] Mail encryption as an example
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Aug 2013 11:51:29 -0000


Stephen mentioned that S/MIME is not good enough because headers 
(to/from) are still exposed. But there's still tons of benefit when the 
content is encrypted, even if the metadata is exposed (provided users 
know that it is exposed, of course). E.g. I would like all my internal 
company email to be encrypted, even if tracing recipients is trivial for 
the attacker.

In other words, is the scope of the mailing list/solutions limited to 
security of individuals, as opposed to organizations?

 From a deployment perspective, I think we know how to provide privacy 
("identity protection") only by using heavyweight solutions, such as 
onion routing. But there's a whole lot of important things we could do 
(make S/MIME usable, standardize OTR, revive IPsec OE) if we remove this 
constraint. Are such items in scope of this discussion?