ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Why are mail servers not also key servers?

2017-04-21 09:46:45
from [Philip Homburg] [Permanent Link] 
Is there any kind of description and any kind of agreement of what attacks
secure mail is supposed to defend against?


I am not a security expert, I did however buy a couple of them lunch at 
an IETF meeting years ago and I am sure that the experts will correct 
any misstatements I have made here. S/MIME has been working for years.


At a technical level, yes. S/MIME does stuff. Whether it does the right thing?
Who knows.


People have wildly different ideas of what e-mail security means.

In the context of this discussion, one thing I'm curious about, and somethin

g

that should be clear from the description of the attack vectors, is who
controls a key.


You should be in control of your private keys. You private key is as 
secure as you make it. The average non-technical user will just send 
email, get email, and might make sure that the signed, or encrypted 
email checkbox is checked in their MUA.


By and large, private keys are the boring part. Yes, private keys will leak
every now and then. But overall that's not a big issue.

The big issue is how do you make sure that a public key actually belongs to
the party you want to communicate with and is not a key inserted by an
attacker.

It is easy to say 'trusted third party' without actually defining what such
a third party will look like. That gives the mess that is the current CA
system.

It is also easy to say, just use DNSSEC. Disregarding the trust issues
with that model.


It is easy to come up with lots of ways in which a domain holder can provide
a public key for a mailbox at that domain. But is that what we want?
In some cases, like corporate mailboxes, probably yes. In other cases,
journalists or activists with an e-mail account at a big e-mail provider,
probably not.


The only reason you need to fetch a persons private key first, is so 
that you do not have to exchange the signed and not encrypted key first.


You never 'fetch' a private key. 


And I would imagine that a journalist and activists would most 
definitely want people to send them encrypted email.


Only if governments or other large parties cannot mount a man in the middle
attack. Which they can, if they can control the distribution of public keys.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Why are mail servers not also key servers?, John Levine
Next by Date:  Re: Why are mail servers not also key servers?, Phillip Hallam-Baker
Previous by Thread:  Re: Why are mail servers not also key servers?, Doug Royer
Next by Thread:  Re: Why are mail servers not also key servers?, Phillip Hallam-Baker
Indexes:  [Date] [Thread] [Top] [All Lists]