Re: not really pgp signing in van

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Subject: Re: not really pgp signing in van Date: Tue, Sep 10, 2013 at 01:07:19AM -0000 Quoting John Levine (johnl@xxxxxxxxx):
> 
> The MUAs I use (Thunderbird, Alpine, Evolution) support S/MIME a lot
> better than they support PGP.  There's typically a one key command or
> a button to turn signing and encryption on and off, and they all
> automagically import the certs from on incoming mail.

<advocacy type=MUA>
That is why you should start using mutt. Mutt fetches the PGP key that
signed a received message from key servers if it is not present in
the local keyring, and verifies it. 
</advocacy>

As a result, I've got all the IETFers that sign messages saved in my
key ring. Automatically. Subsequent signed messages from that same sender
will either validate or be very clearly flagged as fakes. 

This is exactly the same security level that all SSH fans know
and love, ie. wide open for MITM and impostors. It is -- however --
upgradeable to "really useful" by verifying and signing the sending keys.

As has been stated before, MIME multipart signatures and their
structured data are definitely capable of maintaining the integrity
of the message one is replying to. Frequently, though, this either
means that replying properly will trash the message or deteriorate into
top-posting. Top-posting, while normally a flogging offense in my book,
has the advantage of preserving the replied-to text slightly better. The
conversation structure is OTOH trashed[0]

The one thing that comes out of this message, then, is that this is a
end-node problem that is probably best solved in MUA implementations. A
possible method could be to design a "diff" multipart -- that is a list
of edits (i'm thinking of something like "diff -e" that makes a diff as
an "ed" script that can be applied to the original message.)  applied to
the replied-to message. This multipart is then signed and transmitted,
and the receiving MUA then performs validation of the replied-to text
part, the diff part, and if they validate, will merge them, creating
a clear presentation of which lines are original and which ones are
edited. For reference, the original message of course is included and
the MUA should have a display option to show the original unaltered.

There are several problems with the above idea, for instance the notion of
ever-growing emails as all posters simply shove the history downwards to
push their stellar insights on top of the pile, but today, that is mainly
a display problem. Since I'm suggesting a fairly aggressive presentation
system with preserved history, I think that is tolerable.

-- 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE                             +46 705 989668
I feel like a wet parking meter on Darvon!

[0] A: Because it messes up the order in which people normally read text.
    Q: Why is top-posting such a bad thing?
    A: Top-posting.
    Q: What is the most annoying thing in e-mail?

Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]