On Sat, 21 Feb 2004, Iljitsch van Beijnum wrote: > > This is all about cost-benefit and the realities of the messy, chaotic, > > ignorant world of mail users the world around. In nearly all cases the > > cost-benefit of signing or encrypting all messages and maintaining > > strict, reliable lists of ALL your correspondants' keys is > > overwhelmingly negative. > > Hm, this is basically what happens for HTTPS... Seems to work most of > the time. For roughly $100/certificate/year, sure. But nobody registers certificates for all their hosts, just their server(s). And clients don't need or get certificates -- you are validating/encrypting based on a one-sided connection. And you still have lots of people who, when they get the little box that says that the host key isn't recognized and should you connect anyway say "sure". Please, just take my VISA card number and shoot me now... Now scale that by maybe 50-100 unregistered clients per registered server (maybe more -- an entire organization might have only a handful of servers and thousands of workstations or personal computers). Now scale THAT by anywhere from 1-10 people per station/computer, globally (or start at the other end and simply count the number of entities that can send or receive electronic mail -- hundreds of millions, surely). What this adds up to is money. Real money. At $100/year/entity tens of billions of dollars a year. It makes sense, nay, it is essential to secure a connection between a random client and a place of internet commerce or business with value. Credit card and personal data is "valuable" and the cost of certification is trivial compared to the gain at the corporate level. But, how many individuals are going to pay this kind of money to secure their personal email? Especially when they can secure it NOW, for free, with readily available (if not always well integrated) tools, and only secure it where it really matters and not bother when it is a message to a coworker down the hall that you want to meet them for lunch in fifteen minutes? So I agree, I agree. It would be lovely to have a universal certification mechanism not unlike DNS or the existing SSL key certification agencies that would scale to the same kind of level that DNS scales to today -- a keypair for every human on the planet that uses email or other key-driven network services, uniquely tied to the individual, and accessible GLOBALLY via a directory service. Am I the only person who thinks that this a) would be hell to engineer so that it would work at all; b) would have an "interesting" impact on civil liberties? On the one hand, in principle it would let everybody encrypt everything and increase privacy. On the other, the mind reels at the thought of all the new avenues of attack and abuse this would open up -- key server spoofing, NSA-driven decryption attacks, the continuing vulnerability of private keys on otherwise poorly secured systems. And some people don't WANT to publish directory information at all -- one side effect of registering all humans and email entities on the planet is that ALL THEIR ADDRESSES become immediately accessible via lookup functions, or the system cannot work. Encryption is a good thing, but it also offers a somewhat illusory privacy. At the moment I KNOW my email and computer are not secure, so I do not send the details of my cocaine transactions and terrorist activities out in cleartext on open lines, nor do I store them on a hard disk. Both are easily compromised. Ask both the Japanese and the German high commands of WWII -- they'll tell you that historically "unbreakable" encryption schemes inevitably aren't, and Moore's law plus the advent of cluster supercomputers makes this doubly true today. I'm willing to be convinced that this is feasible at the scale of billions of users (the design would need to in principle be able to accomodate "all" of the inhabitants of the globe, and all their automated agents or corporate entities capable of sending or receiving mail -- say 2^33 to 2^36 addresses, so better use a 64-bit or better UID) with terabytes of associated data in the full registry database. However, Duke has had plenty of problems just flattening out its UID space on an INSTITUTIONAL level, with maybe 20-30K total users (many of them highly transient, many of them "entities" with different identities in different contexts, e.g. a single student might have 3 or 4 accounts by which they are known and can login or receive main in different departments or networks). This is a relatively controlled, relatively well managed environment. Trying to extend this to the entire Internet seems like madness to me, at least at the moment. At the very least, come up with something first that can manage an entire University sized domain, is built on fully open source and is not proprietary, is secure "enough" in actual application and with bad guys hammering on it (and not just in theory), and from what you learn there MAYBE you can come up with a way of scaling it out to multiple organizations and eventually the world. rgb -- Robert G. Brown http://www.phy.duke.edu/~rgb/ Duke University Dept. of Physics, Box 90305 Durham, N.C. 27708-0305 Phone: 1-919-660-2567 Fax: 919-660-2525 email:rgb@xxxxxxxxxxxx