Yahoo releases internet standard draft for using DNS as public key server

Ian Grigg iang at systemics.com
Tue Jun 1 13:50:52 EDT 2004 

Dave Howe wrote:
> Ian Grigg wrote:
> 
>>  Dave Howe wrote:
>> > TLS for SMTP is a nice, efficient way to encrypt the channel.
>> > However, it offers little or no assurance that your mail will
>> > *stay* encrypted all the way to the recipients.
>>  That's correct. But, the goal is not to secure email to the extent
>>  that there is no risk, that's impossible, and arguing that the
>>  existence of a weakness means you shouldn't do it just means that we
>>  should never use crypto at all.
> 
> No - it means you might want to consider a system that guarantees 
> end-to-end encryption - not just "first link, then maybe if it feels 
> like it"
> That doesn't mean TLS is worthless - on the contrary, it adds an 
> additional layer of both user authentication and session encryption that 
> are both beneficial - but that *relying* on it to protect your messages 
> is overoptimistic at best, dangerous at worst.


This I believe is a bad way to start looking
at cryptography.  There is no system that you
can put in place that you can *rely* upon to
protect your message.

(Adi Shamir again: #1 there are no secure systems,
ergo, it is not possible to rely on them, and
to think about relying will take one down false
paths.)

In general terms, most ordinary users cannot
rely on their platform to be secure.  Even in
specific terms, those of us running BSD systems
on laptops that we have with us all the time
still have to sleep and shower...  There are
people out there who have the technology to
defeat my house alarm, install a custom
key logger designed for my model of laptop,
and get out before the hot water runs out.

For that reason, I and just about everyone
else do not *rely* on tech to keep my message
safe.  If I need to really rely on it, I do what
Adolf Hitler did in November of 1944 - deliver
all the orders for the great breakout by secure
courier, because he suspected the enigma codes
were being read.  (He was right.)

Otherwise, we adopt what military people call
"tactical security:"  strong enough to keep
the message secure enough so that most of the
time it does the job.

The principle which needs to be hammered time
and time again is that cryptography, like all
other security systems, should be about risk
and return - do what you can and put up with
the things you can't.

Applying the specifics to things like TLS and
mail delivery - yes, it looks very ropey.  Why
for example people think that they need CA-signed
certs for such a thing when (as you point out)
the mail is probably totally unprotected for half
the journey is just totally mysterious.

iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list