[Top] [All Lists]

Re: [openpgp] Intent to deprecate: Insecure primitives

2015-03-23 14:25:59
On Tue, 2015-03-17 at 11:04 -0400, Derek Atkins wrote: 
Show me an MUA that does this, please?  None of the OpenPGP-aware MUAs
I've ever used have this feature, as far as I know.  I suppose I could
go out of my way to replace the encrypted email with a
re-encrypted/plaintext email.

But frankly I'd like my encryption software to just maintain the ability
to decrypt it later.

While I don't think that implementations should throw away old algos
(even if insecure) - the should just no longer use it for creating new
content, and should only decrypt/verify signatures with appropriate
warnings, I'd say that the question of long term storage of
encrypted/signed content (e.g. mails) is (and should be) beyond the
scope of OpenPGP.
That being said, the WG shouldn't alter the decisions it makes based on
that question, but rather only on security considerations.

As for e.g. long term email storage:
- if you just store them as received over the wire (i.e.
encrypted/signed) they may very well become insecure over time, so the
original purpose of confidentiality and authenticity is no longer
guaranteed (by leaving them with the old encryption/signature).

- constantly re-encrypting them seems to be not feasible, and you cannot
re-sign mails from someone else.

- IMHO the appropriate way would be for a MUA to record that the mail
was sent encrypted to you and by whom of your contacts it was signed (if
any of that was the case) - for later reference.
And any further protection of the content should be handled by disk


Attachment: smime.p7s
Description: S/MIME cryptographic signature

openpgp mailing list
<Prev in Thread] Current Thread [Next in Thread>