<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Mon, Nov 14, 2016 at 6:30 AM, Phillip Hallam-Baker <span dir="ltr"><<a href="mailto:hallam@gmail.com" target="_blank">hallam@gmail.com</a>></span> wrote:<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class="gmail-">On Sun, Nov 13, 2016 at 7:39 PM, ianG <span dir="ltr"><<a href="mailto:iang@iang.org" target="_blank">iang@iang.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="gmail-m_-7769763348480485856HOEnZb"><div class="gmail-m_-7769763348480485856h5">On 12/11/2016 15:18, Phillip Hallam-Baker wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
If Hilary had encrypted her email, she would almost certainly be<br>
president elect.<br><br></blockquote></div></div></blockquote></span></div></div></div></blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class="gmail-"><div><br></div></span><div><div style="font-size:small">There can be an international cryptography day as well. Preferably in the summer.</div></div></div></div></div></blockquote><div><br></div><div>Summer and International... golly...<br>You just excluded the north or southern hemisphere ;-)</div><div><br></div><div>For me the take away is that there is no system for email </div><div>that is sufficiently secure today that is user friendly</div><div>and accessible from common tools like a phone, notebook,</div><div>chromebook or common desktop/side computer.</div><div><br></div><div>A critical path problem for archives is that the archive is also a treasure trove</div><div>and the messages must be readable by many which argues with cryptography.</div><div><br></div><div>It is technically easy for two of us to exchange messages with </div><div>strong encryption but adding more recipients becomes a tangle.<br>Audit and archive is the third and fourth reader that breaks things.</div><div><br></div><div>The archival requirement for mail in this case appears to mandate </div><div>that the message store/archive be in the clear or locked with</div><div>an archive key. The key management over time seems difficult.<br><br>Anyone that communicates with a famous person securely </div><div>will need a dedicated key pair for that person to deliver on a legal</div><div>request. Famous can reach back in time so I need to have a</div><div>public/private key pair for each of 1000+ individuals in my contact</div><div>list and also their public key used to communicate with me.<br>Or the valid legal request for a key for all messages to a named individual</div><div>would unlock all messages to the 999+ unnamed individuals.<br><br>Transport security to and from a trusted device and a server seems</div><div>possible. Printing and screen capture from a remote device is </div><div>a real problem. Again a central server would have to manage</div><div>all the keys over time. The managing team of that central server </div><div>could have a Snowden so the larger the server the larger the treasure trove.</div><div><br></div><div>To me there are mixed agenda. Some like the media want access</div><div>via a freedom of information request or full transparency. This requires that a broker</div><div>be in a position to inspect, classify, redact, reclassify or deny distribution</div><div>of the document. Others wish to audit security... and track </div><div>all communications to detect disclosure real-time and in history. <br>Meta data -- yes that is also critical.<br>One bit of meta data is not an issue but the entire flow of meta data </div>would have a high classification as the deception of "Operation Fortitude"<br>of WW2 demonstrated. <br><br><br><div><br><br></div><div><br><br></div><div><br></div><div><br></div><div><br></div><div> </div><div> </div></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>