Re: Proposed Proposed Statement on e-mail encryption at the IETF

2015-06-02 09:12:23

Hiya,

On 02/06/15 14:44, Joe Abley wrote:
> Hi all,
>
> All this "HTTPS everywhere" mail collided for me this morning with a
> similar avalanche of press about Facebook's freshly-announced use of
> PGP:
>
> https://www.facebook.com/notes/protecting-the-graph/securing-email-communications-from-facebook/1611941762379302
>
> Mail to public mailing lists can already be signed (like this one
> is). It'd be nice if mailman didn't MITM the signed content, so that
> the signature can be validated. (Perhaps it will; I will find out
> after I hit send.)

A lot of signatures do survive our lists. I think most bad
PGP signatures I see on IETF mail happen when someone forwards
or quotes and my MUA tries to be a bit too clever. Most s/mime
signatures seem to show as bad, I suspect because they chain
up to an enterprise CA, but I've not checked.

Someone with interest could do a study about that that'd be
interesting and informative. (Hint for anyone with cycles
and interest:-) One could even imagine creating a useful
database of public keys used by IETFers and automating the
refresh of that. If there were such a thing that fed into
enigmail/gpg or the s/mime support in common MUAs that'd
be excellent.

> There's lots of other mail from individuals to
> closed groups like the IAB and the IESG and from IETF robots to
> individuals that *could* be encrypted, or at least signed. There is
> work here that *could* be done.
>
> If the argument that we should use HTTPS everywhere (which I do not
> disagree with) is reasonable, it feels like an argument about sending
> encrypted e-mail whenever possible ought to be similarly reasonable.

I think that's not unreasonable but has additional barriers to
being tractable. In particular, in my case, I'd need to ensure
I could decrypt email on multiple devices (I currently just do
that on one) and I'd want (but probably not have) a way to mirror
information I store on public keys across those devices too. I
think that's all doable for me, but it'd be a bit of work.

I doubt I'm alone in either of those respects.

I'd also wonder if MUAs would be up to handling all the kinds of
forwarding we do, but that's something it'd be useful to find
out.

> Given that so much of the work of the IETF happens over e-mail, a
> focus on HTTP seems a bit weird.

Well, putting the initial focus on HTTP(S) is probably correct
given that we can more easily do more there, but if you read the
proposed statement it does say that it applies across the board
(modulo pragmatism of course).

> Note that this is not an attempt to start a conversation about
> whether PGP is usable, or whether S/MIME is better. I will fall off
> my chair in surprise if it doesn't turn into one, though.

We have a list for such discussion [1] if folks feel the need.
And I know PHB has an interesting idea to try to merge the two
in terms of message formats. I'm not sure that's feasible but
discuss on [1] if you feel the need. And please don't have that
discussion here unless there's a reason for it to be here and
not there:-)

Cheers,
S.

[1] https://www.ietf.org/mailman/listinfo/endymail

> Joe

Attachment: 0x805F8DA2.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature