[Cryptography] FW: IAB Statement on Internet Confidentiality

Jerry Leichter leichter at lrw.com
Thu Nov 20 16:55:59 EST 2014

On Nov 20, 2014, at 3:09 PM, Viktor Dukhovni <cryptography at dukhovni.org> wrote:
>>> Perhaps "cryptography at metzdowd.com" could get people comfortable
>>> with cryptography by encrypting all of its messages using PGP or
>>> equivalent ?
>> Not a bad idea.  The widely used (in Europe at least) Sympa list
>> manager has built in S/MIME support....
> This list has a public archive.  Anything other than clear-signing
> seems silly.  Not all the machines on which I read my email have
> copies of my S/MIME keys.  Encryption of this list would IMHO be
> a nuisance.
Not only does this list have a public archive, but it has open membership. Anyone wishing to "snoop" on it need merely join.  Hello out there, NSA representative.

Neither of these facts about the list has changed since it was created.  Nevertheless, proposals to encrypt it surface periodically.

We have here a wonderful "teachable moment" concerning the need to define the relevant security properties of a system before trying to attain them.  If you don't know where you're going, any road will get you there....

(Perhaps we *should* enable encryption as a way of testing just how well - or, more likely, badly - existing solutions work.  It might inspire someone on the list to do better.)
                                                        -- Jerry

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141120/252308c9/attachment.bin>

More information about the cryptography mailing list