----- Original Message -----
From: "James A. Donald" <[EMAIL PROTECTED]>
> What email encryption is actually in use?

In my experience PGP is the most used.

> When I get a PGP encrypted message, I usually cannot read it --
> it is sent to my dud key or something somehow goes wrong.

Then you are obviously using PGP wrong. When you chose your 768-bit key in
1996 (I checked the key servers) you should have considered the actual
lifetime that the key was going to have. In 1996 a 768-bit key was
considered borderline secure, and it was just about time to retire them.
Instead of looking at this and setting an expiration date on your key, you
instead chose to make it live forever. Your other alternative would have
been to revoke that key before you retired it. You made critical mistakes,
and you blame it on PGP.

As to its dependability. I've seen two problems when someone could not
decrypt the PGP message; 1) They shouldn't have access to it (someone else's
key, forgot passphrase, etc), 2) They didn't have any clue how to use PGP,
these people generally have trouble turning on their computer. On rare
occasions there will be issues with versions, but in my experience these
are exceptionally rare.

> Kong encrypted messages usually
> work, because there is only one version of the program, and key
> management is damn near non existent by design, since my
> experience as key manager for various companies shows that in
> practice keys just do not get managed. After I release the next
> upgrade, doubtless fewer messages will work.

Maybe you should have considered designing the system so that it could be
upgraded. A properly designed system can detect when an incompatible version
was used for encryption, and can inform the user of the problem.
Additionally I think there is one core reason why Kong decryptions always
work: no one uses it. Without key management it is basically worthless.
Fortunately because there is no userbase you can change it dramatically for
the next release, maybe this time it'll be worth using.

> The most widely deployed encryption is of course that which is
> in Outlook -- which we now know to be broken, since
> impersonation is trivial, making it fortunate that seemingly no
> one uses it.

If you did some research, you'd find that it is called S/MIME, it is a
standard, a broken standard, but a standard (admittedly Outlook implemented
it poorly and that is a major source of the breakage). The only non-standard
encryption Outlook uses is in the file storage, which has nothing to do with
email.

> Repeating the question, so that it does not get lost in the
> rant.  To the extent that real people are using digitally
> signed and or encrypted messages for real purposes, what is the
> dominant technology, or is use so sporadic that no network
> effect is functioning, so nothing can be said to be dominant?

The two big players are PGP and S/MIME.

>
> The chief barrier to use of Outlook's email encryption, aside
> from the fact that it is broken, is the intolerable cost and
> inconvenience of certificate management.

Actually the chief barrier is psychological, people don't feel they should
side with the criminals by using encryption. Certificate management is
actually quite easy and cheap. It is the mistakes of people who lack any
understanding of how the system actually works that make it expensive and
inconvenient. The same applies to PGP.

> We have tools to
> construct any certificates we damn well please,

The same applies everywhere, in fact in your beloved Kong, the situation is
worse because the identities can't be managed.

> though the root
> signatures will not be recognized unless the user chooses to
> put them in.

That's right, blame your own inadequacies on everyone else, that seems to be
the standard American way now.

> Is it practical for a particular group, for
> example a corporation or a conspiracy, to whip up its own
> damned root certificate, without buggering around with
> verisign?

Of course it is, in fact there are about 140 root certificates that Internet
Explorer recognises, the majority of these have absolutely nothing to do
with Verisign. Getting it into the systems is a bit more problematic.

> (Of course fixing Microsoft's design errors is
> never useful, since they will rebreak their products in new
> ways that are more ingenious and harder to fix.)

And this has nothing whatsoever to do with root certificates.

> I intended to sign this using Network Associates command line
> pgp, only to discover that pgp -sa file produced unintelligible
> gibberish, that could only be made sense of by pgp, so that no
> one would be able to read it without first checking my
> signature.

Which would of course demonstrate once more that you have no clue how to use
PGP. It also demonstrates what is probably your primary source of "I can't
decrypt it": you are using a rather old version of PGP. While the rest of the
world has updated PGP to try to remain secure, you have managed to forgo all
semblance of security, in favor of not being able to decrypt.

> I suggest that network associates should have hired me as UI
> design manager, or failing that, hired the dog from down the
> street as UI design manager.

I suggest that Network Associates, PGP Corp, and anyone else that would like
to make something secure, avoid you. Although you claim to have been a
certificate manager, you clearly have no concept of what and how a
certificate works, nor do you have any concept how cryptography should work.

> Presumably the theory underlying this brilliant design decision
> was that in the bad old days, a file produced under unix would
> not verify under windows because of trivial differences such as
> the fact the whitespace is expressed slightly differently.

Based on my having just generated a signature on a random text file, I can
confidently say that you obviously have no clue about how to use even the
most basic functionality of a computer.

> Here is a better fix, one that I implemented in Kong:   Define
> several signature types with the default signature type
> ignoring those aspects of the message that are difficult for
> the user to notice, so that if a message looks pretty much the
> same to the user, it has the same signature, by, for example,
> canonicalizing whitespace and single line breaks, and treating
> the hard space (0xA0) the same as the soft space (0x20), and
> so on and so forth.

So it's going to be broken by design. These are critical errors that will
eliminate any semblance of security in your program. Once again you have
demonstrated that you lack any concept of proper design, either of software,
or of security. Please do us all a favor, and make it obvious to the user
that your concept is completely broken, and your program is only worse.

>     --digsig
>          James A. Donald
>      6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
>      OmUO5eB/pLnuFIgCU2splCvKO4x0U1Ik31pVFPaU
>      49B5UrVKc5ETzoxGcfl+q9ltoh61l4ncSyE+R5h6P

Look everyone, it's a broken signature.
                    Joe
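
The whitespace-canonicalizing signature type described in the quoted text, worked through as an added example (not Kong's code and not part of either poster's message). The canonical form here is an assumption built only from the rules named above: hard space treated as soft space, whitespace runs collapsed, single line breaks ignored, blank lines kept as paragraph breaks. A SHA-256 digest stands in for the value that would be signed, and all sample messages are constructed.

```python
import hashlib
import re

def canonicalize(text: str) -> str:
    """Assumed canonical form: text a reader would see as 'the same'."""
    text = text.replace("\r\n", "\n").replace("\r", "\n")  # DOS/Mac -> Unix
    text = text.replace("\u00a0", " ")                     # hard space -> soft
    paragraphs = re.split(r"\n\s*\n", text)                # blank line = break
    # Inside a paragraph, line breaks and whitespace runs become one space.
    flat = [" ".join(p.split()) for p in paragraphs]
    return "\n\n".join(p for p in flat if p)

def strict_digest(text: str) -> str:
    """Digest over the exact bytes, as a byte-exact signature would use."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def canonical_digest(text: str) -> str:
    """Digest over the canonical form, as the default type would use."""
    return hashlib.sha256(canonicalize(text).encode("utf-8")).hexdigest()

def compare(a: str, b: str) -> dict:
    return {
        "strict_match": strict_digest(a) == strict_digest(b),
        "canonical_match": canonical_digest(a) == canonical_digest(b),
    }

# Constructed sample messages (not taken from the thread).
UNIX_COPY = "Pay Alice 100 dollars.\nShip on Friday.\n\nRegards, Bob\n"
WINDOWS_COPY = ("Pay Alice 100 dollars.\r\nShip on Friday.\r\n\r\n"
                "Regards,\u00a0Bob  \r\n")
EDITED_COPY = "Pay Alice 900 dollars.\nShip on Friday.\n\nRegards, Bob\n"
# Line-oriented data: the line break separates two records.
TWO_LINES = "user=bob\nrole=guest\n"
ONE_LINE = "user=bob role=guest\n"

if __name__ == "__main__":
    cases = [
        ("unix vs windows copy", UNIX_COPY, WINDOWS_COPY),
        ("unix vs edited copy", UNIX_COPY, EDITED_COPY),
        ("two lines vs one line", TWO_LINES, ONE_LINE),
    ]
    for label, a, b in cases:
        print(f"{label}: {compare(a, b)}")
```

The last pair shows the cost of the wider equivalence class: a signature over the canonical form says nothing about line structure, so line-oriented or indentation-sensitive content needs a byte-exact signature type.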
