The problem is we cannot change sender behavior. If we could, we would
simply say, "Send the message encrypted with both the client's and IMAP
server's key." That way, the server already would be a recipient.
I do like the idea of being a model of good behavior. We should put that
into the lemonade profile.
-----Original Message-----
From: Ingo Luetkebohle [mailto:ingo(_at_)fargonauten(_dot_)de]
Sent: Saturday, March 12, 2005 6:25 AM
To: Cyrus Daboo
Cc: ietf-openpgp(_at_)imc(_dot_)org; Eric Burger
Subject: Re: Split Implementations of PGP
Am Freitag, den 11.03.2005, 22:08 -0500 schrieb Cyrus Daboo:
A better solution would be to have the message decrypted on
the server and
stored in its unencrypted form with multiple parts - then
the client can
fetch just the text.
Even better would be to have individually encrypted parts. This is
possible with PGP/MIME but not current practice. Trouble being, of
course, that the sender would have to know this is in advance.
It is one more example of the sender having to know what the receiver
requires without a good means of finding out.
So far, these things have been mere nuisances but the
suggested solution
is clearly a big step down in security. I do not know an
answer but it
might be interesting to think about the bigger picture for
once and come
up with something this simple, yet flexible enough.
In any case, I would suggest for implementors of the server-based
decryption to re-format the message into multiple
individually encrypted
parts instead of just storing decrypted messages -- smaller window of
attack.
Ingo