Here's a novel use of PEM-based encryption I've been thinking of, and
would like to discuss, especially in its relationship to MIME-PEM.
It may sometimes be useful for sites to run a "secure mail environment"
where all mailboxes are routinely encrypted to protect users from each
others snooping, and from snooping by a cracked root account. This is
even more important in primary and high school environments where the mail
system is likely to be running on a DOS LAN rather than a more secure Unix
system, and proto-crackers abound.
It is simply not enough to rely on users to encrypt their messages when
they send them, especially since PEM software is not very wide-spread at
present, and even those who use it don't routinely encrypt everything they
send. It needs to be built into the code which writes to the user's
mailbox. i.e. as each new message comes in, it is encrypted with the
user's public key and added to the mailbox.
It should be fairly easy to integrate something like this with existing
Unix mail systems with a few sendmail hacks. Other systems may require a
little more work. The main question is: what kind of tagging information
can the mail system add to say "the real message is inside this encryption
envelope, so strip this off first before displaying the message"? i.e.
some kind of multipart which is identical to the normal MIME-PEM
encryption multipart constructs, but which says "I am here for local
privacy only: I am not part of the original message".
Some of you may argue that this is a "local matter", and really shouldn't
be part of the PEM standard. If so, then just a little guideance on a
good tag to use would be appreciated.
This has arisen in my quest for a "Next Generation Windows UUCP" system
which is not only easier to install and use, but also has security built
in at the bottom-most level rather than being tacked on afterwards. This
includes things like: (a) encrypted mailboxes as above; (b) encrypted
newsgroups so teachers can discuss things without students snooping; (c)
encrypted client-server interactions to securely transmit a student's
message to the school server; and (d) anything else I can think of :-) .
By building some of these things into the transport, I hope to increase
the level of security while maintaining backwards-compatibility with
existing PEM-aware client software. Then, by hacking the client software,
make the added security as invisible to users as possible.
Just a few random thoughts. If anyone wants to discuss some of the other
security aspects of my ideas that don't relate directly to PEM, then give
me a holler offline.
Cheers,
Rhys.