[Cryptography] Size of the PGP userbase?

Jon Callas jon at callas.org
Thu Dec 12 19:57:26 EST 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Dec 12, 2013, at 4:04 PM, Phillip Hallam-Baker <hallam at gmail.com> wrote:

> OK not wanting to re-iterate the conversation, just want to let folks know that this is helpful. I want to be really sure that I have covered all the requirements.
> 
> 
> The goal is 'Frictionless cryptography'.
> 
> The legacy S/MIME deployment is the code base to build on in my view. There is more of it for a start and S/MIME is fully integrated into the IETF mail infrastructure. It is the format that has received ongoing updates as the IETF has changed other parts of mail.
> 
> So that means adding the features of the PGP trust mechanism to the S/MIME environment. Which is not that difficult. 
> 
> 
> One aspect of the problem neither PGP nor S/MIME solves at present is telling me when to send email encrypted by default. Like Jon I do not enable every one of my devices for receipt of encrypted mail. Until there is a mechanism that makes that easy sending someone an encrypted email message is going to be an inconvenience. I have a spec for such a scheme but it isn't implemented in the prototype yet.
> 
> So I am thinking that there is going to have to be some kind of policy glue. If we put that between the key hash and the public key data the user can advertise statements such as "I support the PGP and S/MIME formats" and telling different people to use different keys. I might have my mail configured so that encrypted mail from people I don't know goes through the spam content filter which has one key and encrypted mail from people I do know is encrypted under my end-to-end key.
> 
> 
> The code is still at the plumbing stage which means I spent today writing an SMTP proxy in C using OpenSSL. 

Cool. Laudable goal. Even achievable. We did it at PGP Corporation. I'll add that despite the name "PGP Universal" it did S/MIME, too, and images a public key into both OpenPGP keys and S/MIME certificates.

There are lots of things you can do here. For example, the advantage of S/MIME is that certs are in the messages. You can sniff them out of incoming messages and cache them. So, for example, suppose Alice sends an S/MIME message to Bob. If Charlie then sends Alice a message, you can use that cached cert to get transparent encryption for Charlie.

You can use the convention we did of keys.* to be a domain name for a key/cert server, as well. Our SMTP proxy would go ask the recipient domain for relevant certs and use them. My 2003 "Self-assembling PKI" paper gives the basic rundown of many, many techniques. They work amazingly well.

	Jon



-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.0 (Build 1672)
Charset: iso-8859-1

wj8DBQFSqlt5sTedWZOD3gYRAmecAJ0TtJTELalvAdhSTtlEqWCLOz+ssACdHFAV
Ck5otcPcJGEB50heCUikSdg=
=ZJxM
-----END PGP SIGNATURE-----

More information about the cryptography mailing list