Re: [Endymail] Another view of the problem and what the IETF could do

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 02 September 2014 16:22 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54E211A05D3 for <endymail@ietfa.amsl.com>; Tue, 2 Sep 2014 09:22:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level:
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AUcy_RGo3UoP for <endymail@ietfa.amsl.com>; Tue, 2 Sep 2014 09:22:20 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id CB1281A0311 for <endymail@ietf.org>; Tue, 2 Sep 2014 09:22:19 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 21048BF01; Tue, 2 Sep 2014 17:22:19 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4O5RH3023YjD; Tue, 2 Sep 2014 17:22:17 +0100 (IST)
Received: from [10.87.48.9] (unknown [86.42.23.36]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id B754FBEFF; Tue, 2 Sep 2014 17:22:17 +0100 (IST)
Message-ID: <5405EEB8.1060107@cs.tcd.ie>
Date: Tue, 02 Sep 2014 17:22:16 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: Leo Vegoda <leo@vegoda.org>, Steffen Nurpmeso <sdaoden@yandex.com>
References: <CAHBU6iuxfqs9RszSaJLaTV_obKBCJ9Pzii+t9XANN3q+bJm-3Q@mail.gmail.com> <878um3prio.fsf@vigenere.g10code.de> <cddbc815-a98a-48e5-8dea-c3d8a68ca4d9@gulbrandsen.priv.no> <87y4u2laqh.fsf@vigenere.g10code.de> <20140902114217.lp_a_yD8%sdaoden@yandex.com> <20140902160206.GA7900@vegoda.org>
In-Reply-To: <20140902160206.GA7900@vegoda.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/Qs_drMQ1tg5TaiLJPSwzx8MTvNc
Cc: Werner Koch <wk@gnupg.org>, Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>, endymail@ietf.org
Subject: Re: [Endymail] Another view of the problem and what the IETF could do
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Sep 2014 16:22:21 -0000

I'm not quite sure I'm reading this correctly, but just in
case...

On 02/09/14 17:02, Leo Vegoda wrote:
> Handing out cryptographic identity certificates or similar to people
> who do not understand the risks or benefits and do not have a
> suitable key management framework doesn't seem a great idea to me.

If this list concludes that an Internet-scale key management
framework is required where all key holders are strongly
authenticated before they get any functional benefit, then
that makes life easy - we have 20+ years of evidence that
there's no point in bothering to try construct that;-)

Similarly, if the list concludes that users have to understand
keys then that's also easy - we know that will never happen
and so could also call it a day.

Luckily I don't think most folks are making those mistakes
but we really shouldn't spend any more time than absolutely
needed on discussion that assumes that the Internet only
has strongly authenticated keys or only has users who
understand cryptographic keys.

If someone reading this is not convinced already, please
mail me offlist and I'll try set you right, but let's not
reinvent X.400 email security here please? (Or PEM, or MOSS,
or S/MIME or PGP or STANAG 4406 or the various national or
proprietary variations etc.)

S.