ietf-openpgp

Re: OpenPGP keys and Suite-B

2008-05-07 17:56:38

Greg Troxel wrote:
Andrey Jivsov <openpgp(_at_)brainhub(_dot_)org> writes:

Many of these issues, such as the security level of information, are
outside the traditional domain of OpenPGP. I suppose an e-mail
application in a Suite-B environment might have a UI combobox with
SECRET/TOP SECRET choices in the compose window that magically (based
on content or at worst manually) are set to the correct level. The
rest is easier to program: this would allow software to check that
[TS] information is being sent to [S] key(s) and block it.

I am a bit boggled as to the point of this discussion.  It seems rather
unlikely that an OpenPGP software implementation will be approved to
handle classified traffic, and even less likely that a user on a
computer running a GUI will have available adequate MLS facilities to
choose the level of a message.

This was an answer to a hypothetical question

"Now take real-world examples like that of Enigmail, which uses GPG as its crypto engine. How on earth is GPG, the "OpenPGP implementation" in that system, supposed to stop Enigmail from doing that?".

I assumed as an axiom that Enigmail and gpg are running in this environment. I was trying to point out that we need another parameter -- the security level for the information -- and that it should come from "somewhere above" in reference to OpenPGP format. It cannot be deduced from recipient keys.

Are we talking about being able to have an OpenPGP implementation be
configured to follow Suite B guidelines for S or TS, intended for use
with unclassified information?  This would perhaps follow the reasonable
theory that such guidelines define best practices for algorithm choice.

Are we talking about hardened implementations that would implement mail
gateways between enclaves?

OpenPGP format can be used to encrypt any traffic. The proposal even has a stronger public key algorithm, P-521, beyond the P-384 mandated by [TS].

Or something else?  I don't mean to be difficult, but I really don't get
it.

So far, I think we are getting consensus that ECC in OpenPGP should be a format document. How an application is designed is beyond the scope of ECC. A gateway is probably easier to do right, but end-to-end has value in that users can be authenticated using multifactor authentication. I suppose you, Greg, don't argue that OpenPGP format can be used for any Suite-B traffic in a properly designed application. ECC in OpenPGP is a format and the system itself can be implemented in hardware, or a combination of software and HSM (it should be our task to ensure this compatibility with smartcards and HSMs).
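
The check described in this message, as an added example that is not part of the original post or of any OpenPGP implementation: the classification level is passed in by the application and compared against each recipient key's curve. All names are hypothetical, the sample keys are constructed, and the P-256 minimum for SECRET is taken from Suite B rather than from the post.

```python
from dataclasses import dataclass

# Minimum ECC curve size per Suite B level: SECRET -> P-256, TOP SECRET -> P-384.
MIN_CURVE_BITS = {"SECRET": 256, "TOP SECRET": 384}
CURVE_BITS = {"P-256": 256, "P-384": 384, "P-521": 521}


@dataclass(frozen=True)
class RecipientKey:  # hypothetical record, not an OpenPGP packet type
    user_id: str
    curve: str       # e.g. "P-384"; any other value is treated as unknown


class PolicyViolation(Exception):
    def __init__(self, level, rejected):
        names = ", ".join(k.user_id for k in rejected)
        super().__init__(f"[{level}] message blocked, key too weak for: {names}")
        self.level = level
        self.rejected = rejected


def rejected_recipients(level, recipients):
    """Return the recipients whose keys are below the minimum for `level`.

    `level` must be supplied by the caller (UI, gateway, labelling system).
    It is never inferred from the recipient keys.
    """
    if level not in MIN_CURVE_BITS:
        raise ValueError(f"no explicit, known security level given: {level!r}")
    required = MIN_CURVE_BITS[level]
    # Unknown algorithms map to 0 bits, so they fail closed.
    return [k for k in recipients if CURVE_BITS.get(k.curve, 0) < required]


def authorize_send(level, recipients):
    """Return True if every recipient key meets `level`, else raise."""
    if not recipients:
        raise ValueError("no recipients")
    rejected = rejected_recipients(level, recipients)
    if rejected:
        raise PolicyViolation(level, rejected)
    return True


# Constructed sample recipients.
SAMPLE_KEYS = [
    RecipientKey("alice", "P-384"),
    RecipientKey("bob", "P-256"),
    RecipientKey("carol", "P-521"),
    RecipientKey("dave", "RSA-2048"),
]
```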
