[Top] [All Lists]

[ietf-smtp] e2e email security (Was: Re: [pkix] another attempt to canonicalize local parts)

2016-03-12 05:30:54


I think the subject has wandered and wanted to try to up level
this a bit to see if there's interest in tackling the general

On 12/03/16 09:46, John R Levine wrote:
This confirms your point and John K's that current MUA
crypto is for the most part a checklist item, not something that most
people would want to use.

Yep, I think that's very true sadly, esp. for SMIME. A little
less so for PGP maybe, but both are IMO failures. (As were PEM
and MOSS before them.)

Even more sadly, I think the issues raised in this thread are
only a subset of the problems that need fixing if we are to
see ubiquitous use of e2e email security.

For example, issues not raised so far include: there is little
or no MUA development these days; both PGP and S/MIME were really
designed to only consider that the user has one MUA, which is
no longer true - fixing that requires new infrastructure (to
move or access private keys) which we've failed to do well at
least once; the email environment now is very centralised
compared to when PGP and S/MIME were designed, with the result
that unless enough of the really BIG players play, any proposal
is dead, and maybe the BIG service providers aren't incented to
improve the overall ecosystem and are more likely to want to
improve things for their own users; Mail header fields are not
protected which won't meet user expectations and protecting
those will cause a major tussle with anti-spam; and lastly for
now, e2e email security if widely deployed will force us to
change where we locate anti-spam and similar technologies.

And all of the above (plus the other issues already raised) are
each individually and independently killer arguments. So I'm not
hopeful frankly.

That said, I do think we should be encouraging folks who are
willing to try to move the needle, via experiments or otherwise.
And we should be liberal in judging those experiments, since
another conclusion I've reached after considering the above
issues is that if we ever do manage to get e2e working well
and deployed, then the technology we'll end up using will be
radically different from S/MIME or PGP (though it may well
have lineage from both). So even weird and wonderful experiments
that involve interoperability breakage should be encouraged
IMO, assuming they are sane.

We did btw, start a mailing list for this discussion a while
back. [1] That that didn't seem to get traction also seems to
re-enforce the impression that we're not yet in a place where
we'll be able to make significant progress on the overall here.
(Again, leading us back to encouraging experiments.)



Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>