ietf-openpgp

Re: [openpgp] Manifesto - who is the new OpenPGP for?

2015-03-25 22:56:27
On Wed, Mar 25, 2015 at 7:44 PM, Tim Bray <tbray(_at_)textuality(_dot_)com> wrote:
You guys are taking it as axiomatic that a high-quality UX can't be provided
for users of OpenPGP.  Used OpenKeychain recently? Not quite there yet, but
I think your axiom is looking a little shaky.

Certainly not me.

PrismProof email makes S/MIME completely frictionless in use by
essentially grafting the PGP fingerprint trust model onto S/MIME.


I think the idea that we are going to get anywhere by pointing to the
faults in opposing systems is also flawed.

S/MIME and PGP have both suffered from lousy usability because the
original trust models simply don't work. X.509 is fine as a
certificate format, but there is no key discovery infrastructure until
deployment of X.500 is complete. Web of Trust is a fine academic
theory but it is not how OpenPGP is really used in the real world.

The lesson here that I draw is to look at how people are actually
using OpenPGP in practice and work out ways to apply the same approach
to other similar problems.


I do use one trick I borrowed from TimBL: take all the information you
need to establish a connection and smoosh it together in one
identifier:

AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB?alice@example.com


But more recently, I have been playing about with games similar to .onion:

alice@example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB
http://example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB/


OK, so what is going on here? Well, we have a fingerprint as the
rightmost (i.e. most important) item in the DNS identifier. Which
means 'require a signed security policy describing how to interact
with the identifier to the left.'

So if you want to send email to alice@example.com, do so under a
security policy that is signed under a key with the fingerprint
AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB.


That security policy could say something like 'use PGP encryption to this key'.

One of the things OpenPGP proves is that we can quite easily build an
infrastructure that maps from a fingerprint to a security policy. But
one of the major changes since BaL and David and co put the MIT PGP
server together is that the Haber-Stornetta patents have expired and we now
have better options like TRANS (or the BitCoin blockchain without the
need to wade through treacle).

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
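
The identifier forms in the message above can be split back into a target and a pinned fingerprint as follows. This is an added example, not part of the original message or of any project it mentions. It assumes fingerprints use Base32 characters in dash-separated groups and that the caller already knows the fingerprint of the key that signed the policy; all function names are hypothetical.

```python
import hmac
import re
from urllib.parse import urlsplit

# Assumption: fingerprints are Base32 characters (A-Z, 2-7) in dash-separated groups.
_FP = re.compile(r"^[A-Z2-7]+(?:-[A-Z2-7]+)*$")


def _canon(fp):
    """Normalise a fingerprint for comparison: upper-case, dashes removed."""
    fp = fp.strip().upper()
    if not _FP.match(fp):
        raise ValueError("not a fingerprint: %r" % fp)
    return fp.replace("-", "")


def _split_host(host):
    """Split a trailing '_FINGERPRINT' label off a DNS name, if present."""
    head, sep, last = host.rpartition(".")
    if sep and last.startswith("_"):
        return head, _canon(last[1:])
    return host, None


def parse_identifier(text):
    """Return (target, fingerprint or None) for the three forms in the message."""
    if "://" in text:                      # http://example.com._FINGERPRINT/
        parts = urlsplit(text)             # assumes no port or userinfo in the URL
        host, fp = _split_host(parts.netloc)
        return parts._replace(netloc=host).geturl(), fp
    if "?" in text:                        # FINGERPRINT?alice@example.com
        fp, target = text.split("?", 1)
        return target, _canon(fp)
    if "@" in text:                        # alice@example.com._FINGERPRINT
        local, domain = text.rsplit("@", 1)
        host, fp = _split_host(domain)
        return local + "@" + host, fp
    return _split_host(text)


def signer_matches_pin(identifier, signer_fingerprint):
    """Fail closed: accept a policy only if its signer matches the pinned key."""
    _, pinned = parse_identifier(identifier)
    if pinned is None:
        raise ValueError("identifier carries no fingerprint")
    return hmac.compare_digest(pinned, _canon(signer_fingerprint))
```
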
