ietf-openpgp

Re: [openpgp] Manifesto - who is the new OpenPGP for?

2015-04-02 12:56:18
On 26/03/2015 03:56 am, Phillip Hallam-Baker wrote:
On Wed, Mar 25, 2015 at 7:44 PM, Tim Bray <tbray(_at_)textuality(_dot_)com> 
wrote:
You guys are taking it as axiomatic that a high-quality UX can't be provided
for users of OpenPGP.  Used OpenKeychain recently? Not quite there yet, but
I think your axiom is looking a little shaky.

Certainly not me.


That's a very important observation. I don't take it as axiomatic, I take it as somewhere between very hard and the wrong question.

Almost the whole problem comes down to time & knowledge. As I never tire of saying, what we knew in 1992 is no longer state of the art; we've moved on since then:



Messaging is no longer the same: we need chat, voice & video, and these are challenging in formats, patterns and networking, but also open up possibilities for authentication. Including Tom Ritter's challenging post. PGP was designed for cut&paste email, that's not only the least interesting thing, it's also an older generation thing which might not be worth protecting at all in 20 years. With a nod to PHB's approach of toughest first.

Storage has changed: we no longer consider a message over the wire as the same thing as a message at rest on disk. We do/don't keep video chat, we do/don't take naughty snaps using screen shots. We do/don't share huge files (movies) for which OpenPGP is entirely unsuited because it assumes everything is a datagram, and 16G datagrams aren't supported by any other software.

Evidence has changed: we do/don't keep transcripts around for evidence. We do/don't think of digsigs as human signatures. We do/don't worry about removal of files. We do/don't consider the wire to be a threat and we do/don't consider our counterparty to be a threat.

WoTs are no longer the same: we now have social networks, which, love them or hate them, have raised the bar so substantially that PGP's communal notions of WoT are vestigial.

Value has changed: we now have serious and competing payment systems, all of whom want to integrate with all aspects of life.

Computing & networking has changed: we can no longer rely on our own trusted platform. We can't rely on "one platform" and we can't rely on ownership, eg BYOD. Instead it's all mobile, and we're at the mercy of what we get given, and what they bring. Small factors, always present, always online, always travelling.

Our models of shared computing are changing: As Derik mentioned, PGP started in a keys-in-pocket age, but we also had client-server + enrollment with S/MIME. Then there's social networking, and now there's cloud. Popular is blockchain, various groups are trying to put 'identity' onto a shared context, which also answers part of Derik's implied permissionless requirement.



So, what do we want to use PGP for, and is that still good?

In 1992, almost everything about securely using the Internet could be answered by saying "use PGP". In 2015, almost nothing about security using the Internet can be answered by "use PGP", at least the old one.



iang



PrismProof email makes S/MIME completely frictionless in use by
essentially grafting the PGP fingerprint trust model onto S/MIME.


I think the idea that we are going to get anywhere by pointing to the
faults in opposing systems is also flawed.

S/MIME and PGP have both suffered from lousy usability because the
original trust models simply don't work. X.509 is fine as a
certificate format, but there is no key discovery infrastructure until
deployment of X.500 is complete. Web of Trust is a fine academic
theory but it is not how OpenPGP is really used in the real world.

The lesson here that I draw is to look at how people are actually
using OpenPGP in practice and work out ways to apply the same approach
to other similar problems.


I do use one trick I borrowed from TimBL, take all the information you
need to establish a connection and smoosh it together in one
identifier:

AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB?alice@example.com


But more recently, I have been playing about with games similar to .onion:

alice@example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB
http://example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB/


OK, so what is going on here? Well we have a fingerprint as the
rightmost (i.e. most important) item in the DNS identifier. Which
means 'require a signed security policy describing how to interact
with the identifier to the left.'

So if you want to send email to alice@example.com, do so under a
security policy that is signed under a key with the fingerprint
AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB.


That security policy could say something like 'use PGP encryption to this key'.

One of the things OpenPGP proves is that we can quite easily build an
infrastructure that maps from a fingerprint to a security policy. But
one of the major changes since BaL and David and co put the MIT PGP
server together is that the Haber-Stornetta patents have expired and we now
have better options like TRANS (or the BitCoin blockchain without the
need to wade through treacle).

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
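
The fingerprint-bearing identifiers described in the quoted message, parsed and checked against a candidate policy-signing key. This is an added example, not part of the original thread and not any participant's implementation. The fingerprint construction (leading Base32 characters of SHA-256 over the key bytes), the 20-character minimum, and all function names are assumptions.

```python
import base64
import hashlib
import hmac
import re
from urllib.parse import urlsplit

B32 = re.compile(r"^[A-Z2-7]+$")
MIN_CHARS = 20  # assumption: reject fingerprints under 100 bits

def fingerprint(key_bytes, chars=28):
    # Assumption: leading Base32 characters of SHA-256 over the key bytes.
    digest = hashlib.sha256(key_bytes).digest()
    return base64.b32encode(digest).decode("ascii")[:chars]

def split_identifier(ident):
    """Return (target, fingerprint without dashes); raise ValueError if absent."""
    if "://" in ident:
        # URL form: the fingerprint is the rightmost label of the host name.
        host = urlsplit(ident).hostname or ""
        target, sep, fp = host.rpartition("._")
    elif "?" in ident:
        # FINGERPRINT?address form.
        fp, sep, target = ident.partition("?")
    else:
        # address._FINGERPRINT form.
        target, sep, fp = ident.rpartition("._")
    fp = fp.replace("-", "").upper()  # host names arrive lowercased
    if not sep or not target or not B32.match(fp) or len(fp) < MIN_CHARS:
        raise ValueError("no usable fingerprint in %r" % ident)
    return target, fp

def key_matches(ident, key_bytes):
    """True only if key_bytes hashes to the fingerprint carried in ident."""
    _, fp = split_identifier(ident)
    return hmac.compare_digest(fingerprint(key_bytes, len(fp)), fp)

# Constructed sample key material, not a real OpenPGP key.
SAMPLE_KEY = b"constructed sample policy-signing key"
SAMPLE_ID = "alice@example.com._" + fingerprint(SAMPLE_KEY)

if __name__ == "__main__":
    print(split_identifier("http://example.com._AB7LRE-3EKR7K-ECT2KV2-7ATCFH-DXB/"))
    print(key_matches(SAMPLE_ID, SAMPLE_KEY))            # matching key
    print(key_matches(SAMPLE_ID, b"substituted key"))    # wrong key
```

A match only binds the key to the identifier; the security policy's signature still has to be verified with that key before the policy is acted on.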

