>From: TCJones(_at_)dockmaster(_dot_)ncsc(_dot_)mil
>Subject: PEM's future direction
>Date: Fri, 24 Jun 94 21:18 EDT
>Peter Williams>... basically, there was market sector fragmentation
>between personal private mail, and business mail assured for use in
>commercial functions.
>
>IMHO this is not a very interesting distinction, business mail is
>primarily personal. Perhaps the distinction that is needed is between
>legally binding non-repudiation (will probably need DSS) and privacy for
>personal and business use (DES or IDEA with some sort of key
>management.)
The Internet services have demonstrated that many business users are
happy to pay for (cheap) access to unmanaged global network services
(concept in contrast to say the commercial uses the same parties make
of BT GNS) and, and can make significant utilization of it in the
course of their non-commercial activities to their profit. This is
addition to any needs they may have for buying raw transport pipes. So,
separating the market into business, and residential is not valid in
todays pricing models for unmanaged networks, for non-commercial
functions of such entities. We are in agreement on this.
Its to be seen whether the level of risk in unmanaged, unassured
networks will give residential customers of the Internet the confidence
to make commercial transactions. Id see high-volume, low-value commerce
a strong possibility, though; if the Internet packet network becomes assured
using a public-key crypto basis (as is perfectly technically possible and in my
judgement likely), massive growth is also likely for both business and
residential commercial customers. But, for now, the aim has
to be to get the risk equivalent to the current use of credit cards,
and their levels of fraud; customers of the credit card system are
already happy to pay for the massive fraud in the system, and there
would seem little reason to believe they would be unhappy to exchange
one form of single-order tranmission technology (voice phone) for another
(directly connected SMTP) once the concept has been well promoted.
>So are you saying that PEM smelled success by aping the PGP model?
>Going head-to-head with PGP will probably not be fruitful. PEM needs is
>own market niche.
It had one, which you, amongst others, derided. So the promoters moved
away from those who want to constantly discuss PGP and analogue
schemes. This floor is yours, by recent demonstration. How many people are
left active, Im not sure. the old PEM is doing fine, elsewhere.
>With no good definition of either the product, nor of the market to be
>served, it is unlikely that this will result in any better standards.
I have yet to see a standardized version of the the PGP specs; one
sensible course for the Internet would be to merge modern PEM and PGP,
at the e-mail object level, and faciliate the indications of a variety
of key-management schemes. However, this goes against the Internet's
traditional policy of homogenity and, single community goals, with the
IESG sitting on the fence until such has happened. Usually, one groups
runs out of cash or energy, and the other wins lowest-common
denominator stakes. This is often precisly what the Internet
"mass-market" standard, uniform needs are.
>Lets look at my own take on the market break-down:
>
>1> Military - There is an RFQ out now for DMS. I heard that the big
>boys (uSoft and Lotus) were battling for it with versions of their COTS
>product with mod's for the TESSERA card. Does anyone have more current
>info?
DMS conformance requires the support for P48 (MSP), profiled by DSP
Draft MIL-STD 2045-18500, available widely. The full (reader-writer)
solution requires P.772 and a message store, which very few people have
implemented fully, though several cheaper gateway implementations do exist.
we'll have to wait and see just how conformant these are to the
programme's requirements.
Your intelligence on whats happening in the DMS bidding community (and
the US telecomms industry, concomintantly) seems rather basic, on this
evidence. The relevance of DMS to say the PEM WG, is that it is an
example of a security solution for a mixed-stack environment, and this
procurement and deployment aims to protect unclassified-but-sensitive
information. Such procedural marking is highly similar to the processing
of the vast majority of commercial-confidential information handled by
your average first-world corporation.
(Given you previous comment about belt-way bandits working for the
military, Im suprised you are now interested in DMS technically,
or commercially. It is highly valuable to realise though the commercial
implications of the massive procurement on the US IT market, however, and
you are right to note it here.)
>
>2> Legal non-repudiation - The IRS needs to be able to put people in
>jail for falsifying tax returns. They need to accept electronic tax
>returns. What's the solution?
The US EMA conference last time had an interesting presentation from
the US IRS tax-people, which almost nobody attended. The objective was to
expand the availablity of electronic return, in order to extend the
privilege of fast processing to more people than can be safely handled
using the current electronic returns experiment. The nature of the
ambiguity over the validity of signature for anything other than
message-origin authentication, means that no program to combat general
statement fraud or falsification was envisaged - other than that for
determining false authentication and identification of the (registered)
electronic tax-filer.
Secured, store and forward organizational messaging was what they
specified as the requirement, in short, as for most commercial
entities the world over.
>
>3> Business use - Businesses today function just fine with the FAX. If
>they want to know whether to ship an order, they check with D&B or with
>some of the firms other trading partners. How can we get at least that
>level of trust?
Public FAX terminals use a managed network, using registered addresses,
and an assured and regulated set of providers and network access
methods. Access to the on-line server (D&B) is also over an assured
network with similar properties. Its not useful to talk chalk and
cheese; the aim of PEM is/was to address the conventional Internet,
only. Kerberos make a good stab at emulating D&B in this example, for
smaller communities; Mixing X.509 and Kerberos was an open topic a
while back, before it got commercial. The alternative was assured key
distribution, which was effectively rejected for the Internet, here.
>
>4> Personal use - People want to protect their correspondence, whether
>its love letters, trade secrets or drug deals. PGP seems to work just
>fine, but it makes the government nervous. There is no resolution of
>this problem, nor is one possible until the laws of the land change.
Id be nervous about enabling "people" to protect their drug deals
using ciphers, too. Perhaps the concern is valid.
>
>Now, my reading from Peter, is that we have people arguing over the
>difference between 2 and 3. (Lets assume that PEM will never cut it for
>point 4, just for the time being.) Then old hierarchical PEM seems to
>solve the problem for 2, but only if the government accepts it. The
>problem for 3, IMHO could be solved just fine by PGP, but, apparently,
>some of the old line PEM folk want to move PEM in that direction. There
>is no competition now for item 2, except that the government can't make
>up its mind whether to use DSS or go blind. That means that 2 WILL NOT
>be solved until it is time to solve it. (Say the IRS were to start
>actually accepting TAX forms with DSS, or with RSA for that matter.) So
>if PEM were to work for non-repudiation, it might (or might not) require
>some new algorithms, but, in any case, we cannot know until the legal
>situation shakes out. So that leaves the people who want to move PEM
>forward with 3, but that means that there will be competition between
>PEM and PGP. Is that wise, or even necessary?
>
Id disagree that the axis of the PEM WG has failed to move into
4. The objections of concentrating IETF resources on naming,
registration, etc, were in reaction to the market requirements for the
actual Internet growth areas.
The "old-hierarchical PEM" is precisely the approach chosen for DMS,
and again we are in agreement; there is little choice,really, if one
really cares about privacy. In fact, Tom, I think we are mainly in
agreement in our analyses, except you support a particular product
line, and bias your arguments occasionally.
>Peace ..Tom