IETF Logo Mail Archive

Re: [lamps] On the need for standardization of software-based interoperable private keys

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 05 August 2021 18:34 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2244F3A1931 for <spasm@ietfa.amsl.com>; Thu, 5 Aug 2021 11:34:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.306
X-Spam-Level:
X-Spam-Status: No, score=-1.306 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=X24NK4m0; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=3faYsPYH
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O5yBVtksOUm9 for <spasm@ietfa.amsl.com>; Thu, 5 Aug 2021 11:34:12 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD6473A1D70 for <spasm@ietf.org>; Thu, 5 Aug 2021 11:34:12 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1628188450; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=YbD5HqMnWusMp3tLiheeluSsqlm5UhnrZMmXnVzcDlk=; b=X24NK4m0z/GvNiOJI57oDResQZtAbreTxkT4sw5EyMe0xu8UUy7+t3torcGSmd+bAUrqe GvPx3X2hFXvgsM+CQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1628188449; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=YbD5HqMnWusMp3tLiheeluSsqlm5UhnrZMmXnVzcDlk=; b=3faYsPYHnwfA/+NeHS+tABAFFvOTq1e+ObFVIcVr4uRfYbvCGSqeZgZJ9TAY72u28F7EQ tdbMhi55ZbzqcX6N0rYbRlHkj6fiKh7e1LdKEZLyWIYA7lfwubyhODjYI9zIXSA1s9uKY6i G79+90AQyL3FJW2P2RjRNujk/a0AcQg8ulvn/dlrv1CEULHx+qHb9VJdGOwOua/6Vkva2Uc Ag9Vm33mDjTXCPC8im91p72zn9ozUR7a9h3Nokp/kw1AyYrdiB/FClhVMCPfNKrRWMldtgm AloBgwuAj+p1XHWc9FoYhvNnSzca8Gvep1xxQurZamGcCDWTUBO8fUFgTmUA==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id E16A2F9A7 for <spasm@ietf.org>; Thu, 5 Aug 2021 14:34:09 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 8AA5B20C41; Thu, 5 Aug 2021 13:41:03 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: LAMPS <spasm@ietf.org>
In-Reply-To: <CAErg=HFgA6DA0CKfjOOY8JhmxaTuVNUfvxWZSzTp-1tRu8NN9w@mail.gmail.com>
References: <87czr0ww0d.fsf@fifthhorseman.net> <FF939B28-528B-47F9-9C0C-6585D1B02FBE@vigilsec.com> <87mtq3ukk0.fsf@fifthhorseman.net> <CAErg=HHQMZ1jk+bVxA=MzVvW+9ucie7bu-N6O8Asnp0V8Rf9Bg@mail.gmail.com> <30546.1627850836@localhost> <CAErg=HHKL-E5yT0UnPKcLfMQU41iDg7GGgjsSXs3eRg8daJRkg@mail.gmail.com> <87wnp347iu.fsf@fifthhorseman.net> <1388.1627996026@localhost> <87pmuu42hf.fsf@fifthhorseman.net> <20862.1628113377@localhost> <656985A5-BED4-4BA8-9233-B3C93966016C@ll.mit.edu> <877dh03x35.fsf@fifthhorseman.net> <722a1f15-8ac8-54f2-3c7a-14c7ed92c6ef@cs.tcd.ie> <SA2PR22MB2537BB784F2327052238317FE8F29@SA2PR22MB2537.namprd22.prod.outlook.com> <FAEBE63D-1CCC-4F76-B064-BD2DD4F02357@redhoundsoftware.com> <f0ac754b-18c4-8fdb-fff3-4d8675a9cefb@sandelman.ca> <156EE38A-6688-435C-9191-8D577EDCA251@redhoundsoftware.com> <9843.1628180697@localhost> <2213A8F8-D7DA-458A-96A8-1EC9A43FE900@redhoundsoftware.com> <CAErg=HFgA6DA0CKfjOOY8JhmxaTuVNUfvxWZSzTp-1tRu8NN9w@mail.gmail.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Thu, 05 Aug 2021 13:41:02 -0400
Message-ID: <87tuk33i35.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/4pPQ8q9kjvH0ieml0zQdJNjuC-c>
Subject: Re: [lamps] On the need for standardization of software-based interoperable private keys
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Aug 2021 18:34:17 -0000

On Thu 2021-08-05 12:43:22 -0400, Ryan Sleevi wrote:
> we can do better, by reducing the amount of key slinging that is
> happening, and being comfortable with the existence of multiple
> keys. Protocols such as WebAuthN are designed around this concept, as
> are the hardware tokens implementing it; the notion of many keys (a
> key for origin/application), rather than trying to have One Key to
> Rule Them All.

Note that multiple authentication/signing private keys is significantly
easier to manage than multiple message encryption keys.  WebAuthN works
in a different space than encrypted e-mail.

Having an e-mail message delivered that is readable in only one of your
MUAs, when both MUAs are capable of reading *some* of your encrypted
messages, is a terrible UX failure.

Deciding to fix that by fixing all the senders in the world to encrypt
to all the valid encryption-capable certs they have for a recipient (and
ensuring that they actually *do* have all the certificates for a given
peer) is a complex, long-term, systems-level problem to solve.

In the meantime, sharing a decryption-capable private key between MUAs
is a one-time, one-shot fix that the account owner can perform on their
own (or could, if the tooling were actually functional), and even works
to unlock old messages that had already been sent before the new MUA was
brought online.

Signing (of which authentication is a subset) is a different problem
than store-and-forward encryption to a potentially offline peer.

       --dkg

v2.23.0 | Report a Bug | By Email