On Sat, 14 Sep 2013, keld wrote:
Recently there has been reports in newspapers about powerful
organisations that can sniff on wires and has paid for backdoors and
compromising cryptographic implementations.
Would it be a good idea to make a document describing best practices
trying to protect against such actions, to guide implemetors and service
providers?
If "such actions" involve backdoors in implementations and standards, and
possibly secret mathematical knowledge that can help crack cryptography,
then protecting against them is beyond the scope of email. (In this
particular case, it's probably beyond the technical realm.)
A separate question, that others are trying answer in this thread, is:
assuming we have working cryptography, how can we use that to make email
more secure? That's a tough question and I think that ultimately, if
information is to be kept really secret, it shouldn't be sent over email.
In cases where the fact that communication takes place is not a secret,
and you're not worried about metadata leaking, something like PGP would
probably work. But that doesn't scale. And in many cases metadata does
matter.
Of course, the fact that certain agencies can, in principle, read all your
emails shouldn't stop you from protecting it from the prying eyes of
others. So using SSL/TLS wherever possible is a good thing. But a few
commercial providers offering what's been standard in many other systems
for years, like the "email made in Germany" project, is a marketing stunt
at best.
Martijn.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp