[Cryptography] Fwd: [Endymail] Off we go...

Stephen Farrell stephen.farrell at cs.tcd.ie
Tue Aug 26 18:51:47 EDT 2014 

FYI. We just started a new mailing list. [1] The list description
is below followed by a kickoff mail. I think there are some folks
on here working in this space and it'd be great to get their good
input.

Cheers,
S.

[1] https://www.ietf.org/mailman/listinfo/endymail


There is significant interest in improving the
privacy-related properties of Internet mail. One focus of
current efforts is on the per-hop (connection-based)
protections provided by TLS. However a wide range of other
work has a focus on end-to-end protection, at the Internet
scale of billions of end users and perhaps millions of
operators. Such work typically involves new forms of mail
header or body protection, new public key management
(compared to S/MIME or PGP), and security mechanisms more
appropriate for mobile/web user-agents. Other
security-relevant approaches may be discussed if needed.
Various proposals and development efforts on this topic are
underway outside the IETF. This mailing list provides an
IETF venue for discussion of elements that might be commonly
needed by such efforts and to identify work that the IETF
could do to aid in achieving better end-to-end security
deployed for Internet email.

-------- Forwarded Message --------
Subject: [Endymail] Off we go...
Date: Tue, 26 Aug 2014 15:34:37 -0700
From: Pete Resnick <presnick at qti.qualcomm.com>, Stephen Farrell
<stephen.farrell at cs.tcd.ie>
To: endymail at ietf.org

Hi all,

We've got 88 people subscribed now, which is pretty quick for a list
like this. Seems like there really is interest in the topic, which is good.

What we'd suggest is to start off with some sharing about what folks
are/have-been doing in this space. We know there are a range of projects
and proposals and it'd be good to get some information/pointers on those
we all know about.

Its probably worth stating now that this list is *not* intended to pick
a winner amongst those, nor to anoint one as the "official" IETF thing,
so luckily we don't need to have a bunfight about which is the shiniest
proposal of them all. :-)

Rather a goal of this list is to identify bits of work that the IETF
could do to help such projects/proposals so they could achieve
significant deployment. So if there are common bits to some
projects/proposals that'd be interesting and especially if there'd be
value in having those bits standardized. Or if there are other ways in
which we could help things along that's fair game for discussion too.

And I suppose its inevitable that we'll discuss requirements and the
real-world constraints on solutions too. And even get new and possibly
radical proposals for how to do better in this space. And those are also
OK and interesting for this list.

Success here will be when/if we identify some bit(s) of work that the
IETF could credibly do that'd improve the real-world end-to-end security
and privacy of email. And note that "credible" there requires stuff to
be both technically sane and to have a sufficient set of capable folks
interested and willing to do work.

When/if we do identify such, we'd probably want to start a new WG/list
to actually do the work identified at which point this list could
languish or continue on with more discussion of the next good thing(s)
to do.

So off we go... What projects are folks working on, and what should the
IETF be doing in this space?

Cheers,
Pete & Stephen

_______________________________________________
Endymail mailing list
Endymail at ietf.org
https://www.ietf.org/mailman/listinfo/endymail

More information about the cryptography mailing list