I can't see much point in applying and removing PGP and/or S/MIME at the start and end of the TLS tunnel. If you are worried about the encryption strength then fix that. If you are worried about the downgrade attack then hook a policy layer in.
Message layer security will always cover less than transport on an individual hop because the message layer encryption can't cover the routing data. The advantage of going to message layer security is when the start and/or end point might be different. So for example, right now almost nobody is equipped to accept encrypted email as conveniently as unencrypted. I can only receive encrypted email on one machine. I don't enable all my machines because it is a hassle and the keys expire etc. Sending me a message TLS encrypted, I can only decrypt at the inbound mail server. A PGP or S/MIME message could be decrypted at the inbound mail server OR at the mail client depending on what gives the best balance of performance / security / spam control / compliance and convenience. The other advantage to using message layer security is that it is possible to force use of encryption. So for example, let us imagine that I have an outbound mail server that knows how to resolve key identifiers to public keys using some protocol (Vcard, WebFinger, WKS, wev). I can poke the outbound mail server to automatically encrypt messages if the email address has a particular escape code in it. At the moment I am using a question mark. Let us imagine I want to send an email message to Jacob that I want to be sent encrypted or not at all. I would use the address [email protected] which tells my outbound mail server 'use whatever resolution services are available to find a key and if a trustworthy key can be found use it to send the message, otherwise report a delivery failure. If I really want to be sure that the key is correct then I would explicitly specify the key fingerprint: 228F-AD20-3DE9-AE7D-84E2-5265-CF9A-6F91-4193-A197?ja...@appelbaum.net The nice thing about this approach is that I can use it with all my unmodified mail accounts and mail clients. All that I do is to redirect the outbound mail service through my trusted outbound mail gateway (which is on 127.0.0.1 on most of my machines). I could even send messages through my Gmail account (but would have to use a non Webmail client to compose and send). Receiving mail requires me to either use a mail client with my S/MIME cert loaded or an S/MIME viewer for WebMail. At the moment this is a crazy hybrid of S/MIME and PGP approaches. But the fact is that S/MIME has pervasive deployment while PGP has a userbase. Plug ins are a hack for testing purposes only, any security scheme that depends on typical users deploying a plug in is going to fail. It is painful enough dealing with the vagaries of the platform and application update mechanisms changing stuff on a daily basis without a layer of plug ins to cope with on top.
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
