NPR : E-Mail Encryption Rare in Everyday Use

Jon Callas jon at callas.org
Tue Feb 28 10:46:50 EST 2006 

I have to chime in on a number of points. I'll try to keep commercial  
plugs to a minimum.

* An awful lot of this discussion is some combination of outdated and  
true but irrelevant. For example, it is true that usability of all  
computers is not what it could be. But a lot of what has cruised by  
here is similar to someone saying, "Yes, usability is atrocious --  
here, look at this screenshot of Windows 3.1." Someone else pipes up,  
"You think that's bad, let me show you this example from the Xerox  
Alto. What*ever* were they thinking?" And then someone else says,  
"Yeah, and if you think that's bad, look at what 'ls' did in Unix  
V6!" Then when someone else says, "Y'know, I'm using the latest  
version of Firefox, and it's actually pretty good" the next message  
says, "But what about the Y2K issues, and what happens when in 2038?"  
I swear, guys, this thread is the crypto version of the Monty Python  
"Luxury" sketch.

* Whitten and Tygar is a great paper, but it was written ages ago on  
software that was released in 1997. Things aren't perfect now, but  
let's talk about what's out there now. Even at the time, one of  
Whitten's main points is how hard it is to apply usability to  
security, because of how odd it is. As a very quick example, in most  
forms of user design, you let exploration take a prominent place. But  
it doesn't work in security because you can't click undo when you do  
something you didn't intend.

* There are new generations of crypto software out there. I produce  
the PGP products, and PGP Desktop and PGP Universal are automatic  
systems that look up certs use them, automatically encrypt, and even  
does both OpenPGP and S/MIME.

They're not perfect, and lead to other amusing issues. For example,  
an hour ago, I was coordinating with someone that I'm meeting at a  
conference. I got a reply saying, "I'm at the airport and can't  
decrypt your message from my phone." I hadn't realized that I *had*  
encrypted my message, because my system and my colleague's system had  
been doing things for us.

I habitually send most of my email securely, but I don't think about  
it. My robots take care of it for me. I tune policies, I don't  
encrypt messages.

If you don't want to use my products, as Ben Laurie pointed out,  
there's a very nice plugin for Thunderbird called Enigmail that makes  
doing crypto painless.

* There are also new generations of keyservers out there that work on  
the issues of the old servers to trim defunct keys, and manage other  
issues. I have out there the PGP Global Directory. Think of it as a  
mash-up of a keyserver along with Robot CA concepts and user  
management goodness adapted from modern mailing list servers like  
Mailman.

* A number of us are also re-thinking other concepts such as using  
short-lived certificates based on the "freshness" model to constrain  
lifecycle management issues.

* There are many challenges remaining. Heck, the fact that people  
here apparently have not updated their knowledge any time this  
century is part of the problem. But let me tell you that email  
encryption is growing, and growing strongly. However, most of the  
successes are not happening where you see them. They're happening in  
business, where communities of partners decide they need to do secure  
email, and then they do. This is another place where things have  
changed radically. A decade ago, we thought that security would be a  
grass-roots phenomenon where end-users and consumers would push  
security into those stodgy businesses. What's happening now is the  
exact opposite -- savvy businesses are putting together sophisticated  
security systems, and that's slowly starting to get end-users to wake  
up.

I'd be happy to discuss at length where things are getting better,  
where they aren't, and where some issues have been shuffled around.  
But we do need to talk about what's going on now, not ten years ago.

	Jon






---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list