On 04/21/2017 06:06 AM, Philip Homburg wrote:
You send me a signed email from a mutually trusted source. I now have your public key, because you can extract it from the signed S/MIME email. (I am guessing you can do this with PGP.)Just replying to a random part of the discussion. Is there any kind of description and any kind of agreement of what attacks secure mail is supposed to defend against?
I am not a security expert, I did however buy a couple of them lunch at an IETF meeting years ago and I am sure that the experts will correct any misstatements I have made here. S/MIME has been working for years.
Without a clear statement of what it is supposed to do, it is not possible to figure out whether a proposal actually meets that goal. And without a clear goal it is also not possible to figure out if the system is going to useful or not.
To be clear, this is not a goal or proposal. This is how S/MIME works now. This is how it was designed to work.
People have wildly different ideas of what e-mail security means. In the context of this discussion, one thing I'm curious about, and something that should be clear from the description of the attack vectors, is who controls a key.
You should be in control of your private keys. You private key is as secure as you make it. The average non-technical user will just send email, get email, and might make sure that the signed, or encrypted email checkbox is checked in their MUA.
To put it in terms of TLS certificates, is an e-mail key 'DV' or 'EV'?
It is easy to come up with lots of ways in which a domain holder can provide a public key for a mailbox at that domain. But is that what we want? In some cases, like corporate mailboxes, probably yes. In other cases, journalists or activists with an e-mail account at a big e-mail provider, probably not.
The only reason you need to fetch a persons private key first, is so that you do not have to exchange the signed and not encrypted key first.
And I would imagine that a journalist and activists would most definitely want people to send them encrypted email.
-- Doug Royer - (http://DougRoyer.US http://goo.gl/yrxJTu ) DouglasRoyer@xxxxxxxxx 714-989-6135
<<attachment: smime.p7s>>