Re: Agenda, security, and monitoring

On Sat, Feb 01, 2014 at 03:34:46PM -0800, Dave Crocker wrote:
> 1. It has demonstrated unacceptable usability for average users.
This is much more of an integration issue than anything else, I think.

For example, both S/MIME and GPG support is well integrated into mutt,
such that it is quite easy to use.  It's literally 2 or 3 keystrokes
to request that a message be PGP signed or encrypted.

If you haven't looked to see how the implementations have gotten
better over the past couple of years, you may be quite surprised how
much better things have gotten.  For example, I was extremely
pleasantly surprised to find out how easy it was to buy[1] a 16 Euro
OpenGPG smartcard[2], and to start using it.  I didn't have to do any
driver configuration or software recompilation.  It just worked[tm].

[1] http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=42
[2] http://g10code.com/p-card.html

So now my GPG private key is stored on a smartcard, and is no longer
on my laptop hard drive.  (The same is true for my ssh private key ---
the gpg-agent also will handle ssh keys.  Major win!)


> 2. It does not protect the header or the envelope, to the extent
> anyone cares about divulging the Subject or other message
> meta-data...
This is true for both S/MIME and GPG.


> 3. It's packaging in the body is ugly. (See #1)
You can package up PGP signatures using PGP/MIME, at which point it is
just as ugly as MIME (and S/MIME) happens to be.  Which is to say, if
you have a mail agent which supports the MIME format (I use mutt), you
won't see the ugliness at all.

The one pain point is that if I know I'm exchanging encrypted mail
with someone for which I happen to know their mail agent doesn't
understand PGP/MIME, I have to go slightly out of my way to select the
legacy "BEGIN PGP MESSAGE" body format.

But then again, if I want to exchange encrypted mail with someone
whose mail user agent doesn't support S/MIME (or who didn't feel like
paying $$$ to some certifying authority, many of which have failed
spectactular in the past), I don't have any recourse at all.  At list
with PGP/GPG I have my choice of either PGP/MIME or the traditional
inline body format.

> However any focus on PGP or S/MIME in their current forms will be a
> distraction that well might seduce the IETF community into thinking
> it's doing something useful for the Internet that actually isn't.
If more internet developers actually used GPG or S/MIME, maybe we
could start focusing on the real problem, which isn't in how we do the
crypto, but how we do the key management, and/or figuring out how to
solve the CA "race to the bottom" problem.

                                                - Ted

P.S.  I would **really** strongly suggest that people consider
experimenting with the OpenPGP smart card.  If you have a Lenovo
laptop which you configured with the extra $20 smartcard reader
option, it's amazingly convenient from a hardware usage standpoint,
and as I mentioned, I was amazed how little work I needed to do to
make my Debian laptop use it.

If you need to purchase an external $20 USB smartcard reader (and
there are portable ones that when folded are only 48mm x 20mm x 12mm
-- see [2]) it's a little bit less convenient, but the piece of mind
in knowing that your crypto keys are very well protected is well worth
it IMHO.

[2] 
https://www.scbsolutions.com/express/product_info.php?cPath=1&products_id=119&SCBtid=34f590521dbb61a86a0476833b38413c

The one annoying thing is that the cards are shipped from Germany.
Maybe someone would be willing to do a bulk buy and bring them to the
next IETF meeting, if there is sufficient interest.  As I mentioned,
it can be used to protect both your PGP and SSH private keys.

signature.asc
Description: Digital signature