Re: How Not To Filter Spam

2004-02-23 07:22:35
On Sat, 21 Feb 2004, Iljitsch van Beijnum wrote:

> > This is all about cost-benefit and the realities of the messy, chaotic,
> > ignorant world of mail users the world around.  In nearly all cases the
> > cost-benefit of signing or encrypting all messages and maintaining
> > strict, reliable lists of ALL your correspondents' keys is
> > overwhelmingly negative.
>
> Hm, this is basically what happens for HTTPS... Seems to work most of
> the time.

For roughly $100/certificate/year, sure.  But nobody registers
certificates for all their hosts, just their server(s).  And clients
don't need or get certificates -- you are validating/encrypting based on
a one-sided connection.  And you still have lots of people who, when
they get the little box that says that the host key isn't recognized and
should you connect anyway say "sure".  Please, just take my VISA card
number and shoot me now...

Now scale that by maybe 50-100 unregistered clients per registered
server (maybe more -- an entire organization might have only a handful
of servers and thousands of workstations or personal computers).  Now
scale THAT by anywhere from 1-10 people per station/computer, globally
(or start at the other end and simply count the number of entities that
can send or receive electronic mail -- hundreds of millions, surely).

What this adds up to is money.  Real money.  At $100/year/entity tens of
billions of dollars a year.

It makes sense, nay, it is essential to secure a connection between a
random client and a place of internet commerce or business with value.
Credit card and personal data is "valuable" and the cost of
certification is trivial compared to the gain at the corporate level.

But, how many individuals are going to pay this kind of money to secure
their personal email?  Especially when they can secure it NOW, for free,
with readily available (if not always well integrated) tools, and only
secure it where it really matters and not bother when it is a message to
a coworker down the hall that you want to meet them for lunch in fifteen
minutes?

So I agree, I agree.  It would be lovely to have a universal
certification mechanism not unlike DNS or the existing SSL key
certification agencies that would scale to the same kind of level that
DNS scales to today -- a keypair for every human on the planet that uses
email or other key-driven network services, uniquely tied to the
individual, and accessible GLOBALLY via a directory service.

Am I the only person who thinks that this a) would be hell to engineer
so that it would work at all; b) would have an "interesting" impact on
civil liberties? On the one hand, in principle it would let everybody
encrypt everything and increase privacy.  On the other, the mind reels
at the thought of all the new avenues of attack and abuse this would
open up -- key server spoofing, NSA-driven decryption attacks, the
continuing vulnerability of private keys on otherwise poorly secured
systems.  And some people don't WANT to publish directory information at
all -- one side effect of registering all humans and email entities on
the planet is that ALL THEIR ADDRESSES become immediately accessible via
lookup functions, or the system cannot work.

Encryption is a good thing, but it also offers a somewhat illusory
privacy.  At the moment I KNOW my email and computer are not secure, so
I do not send the details of my cocaine transactions and terrorist
activities out in cleartext on open lines, nor do I store them on a hard
disk.  Both are easily compromised.  Ask both the Japanese and the
German high commands of WWII -- they'll tell you that historically
"unbreakable" encryption schemes inevitably aren't, and Moore's law plus
the advent of cluster supercomputers makes this doubly true today.

I'm willing to be convinced that this is feasible at the scale of
billions of users (the design would need to in principle be able to
accommodate "all" of the inhabitants of the globe, and all their
automated agents or corporate entities capable of sending or receiving
mail -- say 2^33 to 2^36 addresses, so better use a 64-bit or better
UID) with terabytes of associated data in the full registry database.
However, Duke has had plenty of problems just flattening out its UID
space on an INSTITUTIONAL level, with maybe 20-30K total users (many of
them highly transient, many of them "entities" with different identities
in different contexts, e.g. a single student might have 3 or 4 accounts
by which they are known and can login or receive mail in different
departments or networks).  This is a relatively controlled, relatively
well managed environment.  Trying to extend this to the entire Internet
seems like madness to me, at least at the moment.  At the very least,
come up with something first that can manage an entire University sized
domain, is built on fully open source and is not proprietary, is secure
"enough" in actual application and with bad guys hammering on it (and
not just in theory), and from what you learn there MAYBE you can come up
with a way of scaling it out to multiple organizations and eventually
the world.

   rgb

-- 
Robert G. Brown                        http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567  Fax: 919-660-2525     
email:rgb(_at_)phy(_dot_)duke(_dot_)edu