NPR : E-Mail Encryption Rare in Everyday Use
Alex Alten
alex at alten.org
Sun Mar 5 19:54:38 EST 2006
At 03:13 AM 3/6/2006 +1300, Peter Gutmann wrote:
> >Basically our customer required us to encrypt any team communications. So we
> >used PGP with email. I know the body of the email was encrypted, and I
> >believe attachments were too. The certs were used to "automate" the
> >decryption. Basically the PGP plugin would check the incoming mail's sender
> >email name and try to find a local cert that had the same email name in it.
>
>Hmm, that sounds like broken software then, since the (probabilistically)
>unique keyID to locate the appropriate decryption or signature verification
>key is included in the message/signature - you never have to look at the From:
>address, and indeed trying to use it for key lookups would be a recipe for
>disaster because of the problems you pointed out.
RFC 3280 states that an end entity's subject key id SHOULD be included. It is
not a MANDATORY extension field, see section 4.2.1.2. So the software is
not technically broken.
Since the key id is derived from the raw public key itself, doesn't that
defeat
the purpose of automatically authenticating that the encrypted email is really
from "fred at company.com"? I'm assuming a naive email user on the receiver
side that never manually maps the key id to "fred at company.com". Most
general users sort of understand the email name format, it's a bit much to
force
them to map a cryptic looking key id to it too. Especially considering the
user
might have dozens or hundreds of people on their mailing list. Mapping
mistakes
would be common.
I won't mention the questions regarding certificate revocaton vs user email
name.
:-)
- Alex
--
- Alex Alten
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list