[Cryptography] Digital Certificate Forensics: Clinton Email Server

Tom Mitchell mitch at niftyegg.com
Wed Mar 11 15:49:00 EDT 2015 

On Wed, Mar 11, 2015 at 8:21 AM, Henry Baker <hbaker1 at pipeline.com> wrote:

> FYI --
>
>
> https://www.venafi.com/blog/post/what-venafi-trustnet-tells-us-about-the-clinton-email-server/
>
> Digital Certificate Forensics: What Venafi TrustNet Tells Us about the
> Clinton Email Server
>

Good stuff.

I listened with interest to this issue.

There are some very real issues... but I have yet to hear any good ones on
the media.

Thus I currently believe:
It is a tempest in a teapot...   All federal employees have the option of
using
multiple email accounts in addition to their assigned federal archived
accounts.  The decision
to use one or the other sits entirely with the employee.

None of these email trust issues explored by Venafi cover federal secrets
requirements.
Hillary stated that no classified material was transmitted via email...
something which I tend
to agree with.   My limited interaction with classified content taught me
that getting stuff
inside and getting stuff out is brutal and slow.  Digital content can take
forever... Thus
classified material would be paper perhaps handwritten or possibly on a
secured dedicated
device like a laptop or MAC-mini.    Secured in a physical safe in the
home....  Thus encrypted
links while dear to my heart are not an issue here from what little I know.

Given the attack profiles of commercial email services and digging behind
FISA secret warrants
the only way to control and manage any of your mail is to manage your own
mail server.
That is to say that the secret warrant needs to be served on you or someone
on the external wire
connection.   No doubt Hillary and Bill are only a degree or two away from
criminals,
good and bad,  national leaders...   this eliminates commercial services
like Yahoo, Google,
Microsoft....  The piles of secret warrants would slurp up wedding plans,
yoga workout
hints cookie recipes and more.

The number of emails mentioned is large: sent, received, cc, bcc large
enough that
incoming filters and folders would have made the bucketing of mail
necessary.
These buckets would make compliance with the request almost easy.  The
large numbers
transferred to the state department also tell me that there was a retention
policy
approaching 100%.     The To: and From: pairs should make omissions almost
easy to
discover from the .gov (united states) side.

Back to large... the message page count "by her count, she had found some
30,000
official-business emails covering 55,000 pages" is so large that sorting
through them
for bits of lint to spin and weave into something political challenges my
skeptical mind.

Back to Venafi they have a product to sell.   This is a good newsie topic
to analyze and turn
into marketing literature and a case study that CIOs and CFOs of all
companies need to think
about.  Sony may be a new customer ;) already.

One disclosed message -- paraphrased:   "B meet me in Georgetown at the
cafe nearest the
statue of Old Fuss and Feathers" needs explanation.




-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150311/20737403/attachment.html>

More information about the cryptography mailing list