-- From: Ed Gerck <[EMAIL PROTECTED]> Subject: X.509 / PKI, PGP, and IBE Secure Email Technologies
> http://email-security.net/papers/pki-pgp-ibe.htm > > X.509 / PKI (Public-Key Infrastructure), PGP (Pretty > Good Privacy) and IBE (Identity-Based Encryption) > promise privacy and security for email. But comparing > these systems has been like comparing apples with > speedboats and wingbats. A speedboat is a bad apple, > and so on. We can, and should, compare any system with the attacks that are made upon it. As a boat should resist every probable storm, and if it does not it is a bad boat, an encryption system should resist every real threat, and if it does not it is a bad encryption system. And no blaming the users. An encryption system must accommodate the user, not the user the system. Problem 1: The primary weakness of existent email is its vulnerability to after the fact investigations. Problem 2: The secondary weakness is ease of forgery. So far spammers are not making much effort to forge their way through your white lists, but phishers are forging the identities of organization's with which you are likely to have relationships. Most efforts have been directed at problem 2, but the true names approach as failed for web sites, and it is too burdensome for people even to try for email The user interface has to be a web page button "Please click here to us to send, and you to whitelist, our emails about blah blah " User clicks. Browser Chrome pops up. "Will you white list emails signed by public key YJQwlHzIzHP7nm04t3CFcrjFlMY, apparently controlled by website www.bankofadelaide.com, common name Bank of Adelaide, current favorite name /favorites/banks/Bank of Adelaide - Home - Personal, proposed petname banks/Bank of Adelaide - Home - Personal The spam filter has to pop up THE EXACT SAME BROWER CHROME, when the user tells it to whitelist a signed email that has been wrongly spam filtered. Crap with certificate authorities or web of trust just is not flying, and is not going to fly. But, of course, the really serious attack is problem 1, the problem that there are too damn many copies of email floating around, due to sending it in the clear and the store and forward architecture, which has got lots of people into really deep trouble. The only copies should be those that the sender, and the receiver, choose to keep, and they should be encrypted with the user's email passphrase, the user's email passphrase should be known only to the client, not to the server, and the user's passphrase should have all the usual strengthening to minimize the effectiveness of offline dictionary attack. To limit the number of possible copies, email should be sent by a direct connection from the client to the recipient mail server, rather than this store and forward crap. Of course this is not email as we know it. It is a new and wholly incompatible protocol, which can be transparently gatewayed to email as we know it. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG EHhbMLsVYHKM99sSClQYV0/o/XVA5PN4UrXpsU0v 4ca9QRhhmxSqwOK6ef12X8jbDKTR/AMD0r8RQzn9j --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
