Watson,
One obvious solution for end-to-end email encryption is to use ID-based cryptography: a new record type would be defined in the DNS containing the system key for an ID-based system, and the username (everything before the '@') would be the identity used. This would not obscure addresses or the fact of communication right now, but would prevent interception at intermediate nodes. It would be webmail compatible.
IBE requires an infrastructure in which we trust CAs not only to correctly identify subjects, but also to not snoop on traffic, since the CAs intrinsically have access to the private keys. It also requires an infrastructure in which the CAs are directly tied to e-mail names, and then into some bigger hierarchy, else we wind up with tens of thousands of TAs. It would be much simpler, and more secure, to use DANE.
Are there any issues beyond the merely cryptographic that I need to consider here? Can this be shoehorned into S/MIME, or do we need to do something new? In the next few days I will try to make a draft/implementation for this.
IBE for S/MINE was defined in RFC 5408, in 2008. But, the issues I noted above, plus IPR issues, have diminished enthusiasm for its deployment.
Steve _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
