ietf-openpgp

Re: [openpgp] Can the OpenPGP vs. S/MIME situation be fixed?

2016-07-03 09:47:12
On Sat, Jul 2, 2016 at 5:24 PM, Phillip Hallam-Baker
<phill(_at_)hallambaker(_dot_)com> wrote:


On Sat, Jul 2, 2016 at 11:08 AM, Peter Gutmann
<pgut001(_at_)cs(_dot_)auckland(_dot_)ac(_dot_)nz> wrote:

Phillip Hallam-Baker <phill(_at_)hallambaker(_dot_)com> writes:

I have wanted this for a long time. There are actually three separate
problems to be solved.

1) How to make S/MIME work with OpenPGP credentials

2) How to make OpenPGP work with S/MIME credentials

3) How to merge the two specifications into one.

The first two are pretty easy, I've been doing that for years.  For S/MIME,
use the subjectKeyIdentifier form of the key ID.  For PGP, use an
issuerAndSerialNumber in a type-and-value subpacket.

The third is impossible.  While at an abstract level PGP and S/MIME do the
same thing, the bit-bagging formats used to encode the abstraction are
completely incompatible.  You can't make them compatible without either
moving S/MIME to the PGP format or PGP to the S/MIME format.  I can't see
either of those happening...

The other issue, which is sadly overlooked, is implementation
simplicity and UX. Both OpenPGP and S/MIME fail hard on this front for
reasons that cannot be fixed easily. If Adam Langley and I cannot
easily send encrypted emails to each other (fun story about a summer
internship I had) without screwing up multiple times, what hope for
the rest of us? Has anyone fuzzed S/MIME clients to see if they parse
X509 correctly? My guess is some do, most don't, and you will find
exploitable bugs.



That would clearly be impossible if it was what was being proposed.

What I am suggesting is rather different: a new application for managing
encrypted content, Word, PowerPoint, PDF, etc. that has crypto designed into
the metal and also provides a messaging capability.

I am suggesting Blu Ray, not trying to develop adapters to play VHS on
Betamax.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp




-- 
"Man is born free, but everywhere he is in chains".
--Rousseau.

