What email encryption is actually in use?

Matthew Byng-Maddick cryptography at lists.colondot.net
Wed Oct 2 11:38:27 EDT 2002 

On Wed, Oct 02, 2002 at 10:04:03AM -0500, Jeremey Barrett wrote:
> BTW, most and probably all of the major mail clients out there will do
> STARTTLS *for SMTP*. It's a matter of servers offering it and clients
> being configured to actually use it. It'd be nice if they always used it
> if it's available, but right now I think they all require being told to.

I have to say that much as it is a laudable goal to get widespread
encryption on the SMTP server network, I'm rapidly coming to the conclusion
that opportunistic encryption in this way doesn't really work. Consider
where one side believes that it will only accept certificates signed by a
particular CA (a perfectly plausible scenario in the case of SSL/TLS), and
I hand it a self-signed one - this is not communicable before the connection
starts up, and in-protocol, a failure to apply policy causes the connection
to be shut down (this is by no means the only one, consider one side that
only use DES and the other that never use it), leaving the connection in an
undefined state.

The problem with this is obvious. You have to treat the failure as a
temporary failure and try again in a bit. Of course, we know that the
only way you're going to send this system mail is by sending it in plaintext,
because otherwise you won't adhere to policy, but also, given that it's an
automated service, there's no human to turn round and try something slightly
different, as there is in the case of the Web Browser or mail client talking
SSL.

I remain to be convinced on the value of opportunistic encryption. In my
mind it doesn't, apparently, do anything useful. Of course, properly
configured SSL, I'd agree with, but that means advertising what you're
going to talk in some way that means you won't get half way through the
protocol and leave it in an undefined state.

MBM

-- 
Matthew Byng-Maddick         <mbm at colondot.net>           http://colondot.net/

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list