On Wed, Feb 8, 2012 at 5:22 PM, Phillip Hallam-Baker <[email protected]> wrote: > Alice has three mobile phones and six laptops. ... > Trying to make S/MIME email work in that scenario is futile. The > sender only tracks one private key for Alice. So Alice has to export > her private key to all her S/MIME clients. Not only is that terrible > security practice, it is too much work. Worse, Alice has to repeat the > process once a year.
This is a special case of the confidentiality scenario, isn't it? Alice's private key is stored somewhere in the cloud, and the server will send it only to a device that can authenticate as Alice's device. But you also want to prevent the server from impersonating Alice: so the key needs to be encrypted on the server, and decrypted on the device. The dumb, probably good-enough way to do that is to have Alice enter a passphrase on the device which gets PBKDFed to the decryption key. I bet there's something cleverer in the land of secret sharing schemes, but I'd have to go dig it up. zw _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
