Re: [lamps] Proposed addition of header protection to the LAMPS charter
"John R Levine" <johnl@taugh.com> Mon, 12 November 2018 16:51 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A1D88130DCA for <spasm@ietfa.amsl.com>; Mon, 12 Nov 2018 08:51:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=tBeETzXe; dkim=pass (1536-bit key) header.d=taugh.com header.b=jz6zFnTO
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ufutdJiMZuTf for <spasm@ietfa.amsl.com>; Mon, 12 Nov 2018 08:51:51 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16F05130DC9 for <spasm@ietf.org>; Mon, 12 Nov 2018 08:51:50 -0800 (PST)
Received: (qmail 9989 invoked from network); 12 Nov 2018 16:51:48 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=2701.5be9afa4.k1811; bh=skXjOubmH66XULyWmcI4vefee9206hKJ07j/bKcM3rs=; b=tBeETzXeF06OlYIaaRM5ZHiRcvcvp6NGlNBIa7djeqLpeFVKJB+sjZjOSkfIZkTy4eJ4JGFeD3U3wvF091ky3xWlUKmrdaECrZVTBVcViS4JXebvtROsPEiq3g8Pj6V7vJFoefHTbyJg4u7te1wxcumVZeXi0QwMTc3Ce7FVeRmHoJWfso92RQ8ml1qnlB95MatQU+fVbPiLEG5dx0mKG/bQmRT56gaVW7pxr6Rtprtw9p6BECiuh99mWBu0cETj
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent; s=2701.5be9afa4.k1811; bh=skXjOubmH66XULyWmcI4vefee9206hKJ07j/bKcM3rs=; b=jz6zFnTOfvotfUFIR5qhZNYdNLHpfEa0qI5QRty9z5hcsleyQeKL2zD5orGK2b8WV4D7lyg9jg/Y8jRLYt/l8f8boCI3o4GM3PbFSk+P6bNd5xAp5sgqGZHRf/k5yr5SRC8yNmShHXIYuMu6Q7o8q60CCxeV1t+B/tP8+6QY5PectwpiQ9YB6FGQn1M/Hbh0gPgmsbnGrL7DWXgGxbX6ooNsNlaPgCykv/E70OU68blptCu603VRHvo5FmsM7K2C
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2/X.509/AEAD) via TCP6; 12 Nov 2018 16:51:48 -0000
Date: Mon, 12 Nov 2018 11:51:48 -0500
Message-ID: <alpine.OSX.2.21.1811121138140.12656@ary.qy>
From: John R Levine <johnl@taugh.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: spasm@ietf.org, housley@vigilsec.com
In-Reply-To: <877ehiwaob.fsf@fifthhorseman.net>
References: <20181106045754.7331F2007FC274@dhcp-8071.meeting.ietf.org> <877ehiwaob.fsf@fifthhorseman.net>
User-Agent: Alpine 2.21 (OSX 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/LqBtzn0sL5UsY_iM30uSVea1tlg>
Subject: Re: [lamps] Proposed addition of header protection to the LAMPS charter
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Nov 2018 16:51:54 -0000
On Mon, 12 Nov 2018, Daniel Kahn Gillmor wrote: >> they looked in their mail programs. The only thing that was >> consistent from one MUA to another was that they looked awful. > > John, if you have the infrastructure set up to generate screenshots of > e-mail messages on multiple MUAs (particularly those that handle message > encryption and/or signatures), i'd love to take advantage of it! If > it's something you can share, please let me know (off-list is fine if > it's not something you can make broadly public). I have the code that wraps and responds lying around somewhere. I'll see if I can find what addresses it's attached to. I don't have any screenshot tools beyond what anyone has on a Mac or a phone. > There are multiple clients already doing header protection today, > interoperably (e.g. enigmail and K-9 mail). This is not a code-free > exercise :) The question isn't whether it's possible to write applications that can wrap and unrwap mail. Of course it is. The question is whether it's usable at scale. Two niche applications do not scale make. Get Oath and Gmail to implement it in webmail and MS to put it in Outlook, and then it'll be interesting. If e2e encrypted mail becomes at all popular outside of small closed communities it will be useless because 95%* of it will be spam and malware. Spam filtering depends both on metadata which the MTA can use with encrypted mail and with body filtering which it can't. Filters need to look at the contents and correlate them with the contents of other messages both to look for bulk mail, and to recognize and deflect links to phishes and malware. The mail community has known about this issue for a long time and so far we have no idea what to do about it other than giving your keys to your MTA so it can unwap and filter. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly * - that's how much of mail is spam and malware these days
- [lamps] Proposed addition of header protection to… Russ Housley
- Re: [lamps] Proposed addition of header protectio… Salz, Rich
- Re: [lamps] Proposed addition of header protectio… Quynh Dang
- Re: [lamps] Proposed addition of header protectio… Stephen Farrell
- Re: [lamps] Proposed addition of header protectio… Jim Schaad
- Re: [lamps] Proposed addition of header protectio… John Levine
- Re: [lamps] Proposed addition of header protectio… Alexey Melnikov
- Re: [lamps] Proposed addition of header protectio… Hernâni Marques (p≡p project)
- Re: [lamps] Proposed addition of header protectio… Hernâni Marques (p≡p foundation)
- Re: [lamps] Proposed addition of header protectio… Bernie Hoeneisen
- Re: [lamps] Proposed addition of header protectio… Daniel Kahn Gillmor
- Re: [lamps] Proposed addition of header protectio… Daniel Kahn Gillmor
- Re: [lamps] Proposed addition of header protectio… John R Levine
- Re: [lamps] Proposed addition of header protectio… Daniel Kahn Gillmor
- Re: [lamps] Proposed addition of header protectio… Sean Turner
- Re: [lamps] Proposed addition of header protectio… John Levine
- Re: [lamps] Proposed addition of header protectio… Daniel Kahn Gillmor
- Re: [lamps] Proposed addition of header protectio… John R Levine
- Re: [lamps] Proposed addition of header protectio… Bernie Hoeneisen
- Re: [lamps] Proposed addition of header protectio… Russ Housley
- Re: [lamps] Proposed addition of header protectio… Bernie Hoeneisen
- Re: [lamps] Proposed addition of header protectio… Russ Housley
- Re: [lamps] Proposed addition of header protectio… Bernie Hoeneisen
- [lamps] Draft addition of header protection to th… Russ Housley
- Re: [lamps] Draft addition of header protection t… Stephen Farrell
- Re: [lamps] Draft addition of header protection t… Salz, Rich
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… Salz, Rich
- Re: [lamps] Draft addition of header protection t… Bernie Hoeneisen
- Re: [lamps] Draft addition of header protection t… Russ Housley
- Re: [lamps] Draft addition of header protection t… Bernie Hoeneisen
- Re: [lamps] Draft addition of header protection t… John Levine
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… Russ Housley
- Re: [lamps] Draft addition of header protection t… John R Levine
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… bernie
- Re: [lamps] Draft addition of header protection t… bernie
- Re: [lamps] Draft addition of header protection t… bernie
- Re: [lamps] Draft addition of header protection t… John R Levine
- Re: [lamps] Draft addition of header protection t… Stephen Farrell
- Re: [lamps] Draft addition of header protection t… John R Levine
- Re: [lamps] Draft addition of header protection t… bernie
- Re: [lamps] Draft addition of header protection t… Stephen Farrell
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… Bernie Hoeneisen
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… Bernie Hoeneisen
- Re: [lamps] Draft addition of header protection t… Russ Housley
- Re: [lamps] Draft addition of header protection t… Hernâni Marques (p≡p project)
- Re: [lamps] Draft addition of header protection t… Stephen Farrell
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… Russ Housley
- Re: [lamps] Draft addition of header protection t… Hernâni Marques (p≡p project)
- Re: [lamps] Draft addition of header protection t… Bernie Hoeneisen
- Re: [lamps] Draft addition of header protection t… Daniel Kahn Gillmor
- Re: [lamps] Draft addition of header protection t… Russ Housley