[Cryptography] [cryptography] Secure universal message addressing

Jerry Leichter leichter at lrw.com
Tue Apr 5 06:07:17 EDT 2016 

> I'm increasingly unConvinced that a good email system really
> requires broadly distributed  public keys at all.  Consider
> the advantages of a system where email addresses are secrets.
> Where you encrypt a message to someone using a secret key
> which that person gave you....
> 
> In the first place, if your address isn't a public key you've
> distributed, then spammers don't, by default, have it.  That's
> kind of the right thing for starters.
> 
> In general I don't want people who have one of my private email
> addresses sharing it around randomly....
> 
> [If a corespondent is attacked and loses my key,] I want to be able to cut off
> the spammers' access to my mailbox.  In order to do that I need
> to be able to identify which key is compromised - a step which
> is useless if everyone you correspond with has the same key.
> 
> I need to contact *THAT* person, and nobody else, to give them a
> new key.  And I need to be able to cut it off without cutting
> myself off from other correspondents....
In other words, a private key (which can be used for symmetric cryptography) solves a number of problems - attribution, recovery from loss, non-transitivity of trust - which don't even get mentioned in most analyses of desirable characteristics of mail (or other communications) systems, so naturally do not influence the choices made it system design.

> So, in summary, email addresses as secret keys are better privacy
> in the first place and better damage control when someone has your
> contact information and you'd rather they didn't.
Yup.

> So why does
> everybody keep trying to build a PKI and revocations and all that
> jazz for a mail system?
Probably because we're still living the dream of the original Arpanet days.  One of the wonderful features email systems provided was the flattening of communications hierarchies.  Anyone could send anyone email.  It sometimes even reached them - Steve Jobs was known for personally responding to email from random customers here and there.

Of course, the dream mainly faded decades ago.  Spammers showed us that open accessibility could have a very dark side.  At those at the top simply interposed the traditional access controllers (admins and such) between them and their "public" email addresses.

The whole idea that you need a way to securely communicate with someone who you've never had any contact with before is mainly incoherent.  If I want to contact "Ray Dillinger" having no previous communications with him whatsoever ... how does it even make sense to ask whether I've reached "the right one"?  I might meaningfully reach "the person using the name Ray Dillinger who listed a contact address on this message" - or "the Ray Dillinger who posts to the Cryptography mailing list" (which in turn I communicate with because years ago I had direct contact with Perry), but neither of these use cases (and very few others) need a PKI.
                                                        -- Jerry

More information about the cryptography mailing list