Re: What real users think [was: Re: pgp signing in van]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/9/2013 1:27 PM, Steve Crocker wrote:
Actually, I interpret the chemistry professor's comment in a
different light.  It would be possible to design a system where:

o the standard end user software doesn't facilitate editing the other
person's text, and

o each piece of text is signed.

The result would be a system where a recipient would know whether the
person who is alleged to have written a piece of the message actually
did so, and the normal mode of use would be to leave things
untouched.  Or, if you edit someone else's text, it immediately
becomes your text.


The professor's comment was on function, not method. My comment was on
the limitations to methods available at the time.

In a controlled environment, with good resources, quite a bit is
possible. Indeed, server-based "department-level" email products in the
1980s did enforce such restrictions. The single-administration servers
had complete control over the message.

Distribution with independent administrative authorities makes this a
very different game. Enforcement by fiat is impossible.

That's where signing comes in, of course. Modify the content and the
signature fails. Besides the computational overhead -- which was
relatively onerous back when the infrastructure was being established --
this requires that the receiver know and demand that the signature be
present; this requirement has its own adoption barriers.

Starting with a blank sheet and today's technologies, the requirement is
possibly feasible to satisfy -- if we ignore the continuing human
factors barriers to large scale email authentication. However given the
resources at the time the operational service was developed, I think it
wasn't.


d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]