[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Cryptography] Avoiding PGP
- From: "Neuhaus Stephan (neut)" <neut AT zhaw.ch>
- Subject: Re: [Cryptography] Avoiding PGP
- Date: Mon, 19 Mar 2018 07:38:25 +0000
- Accept-language: de-CH, en-US
- Arc-authentication-results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com designates 184.108.40.206 as permitted sender) smtp.mailfrom=cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:cc:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:content-id:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:to:from:delivered-to:arc-authentication-results; bh=hAnlqBNseExyPoquFgv7uDl8RWCUHYb7QCFDsHwHaW4=; b=jsGCf485qrbYTqPoX3n/W3YFpETgGVxvn4gHvytsUTlkCH5dQtynPMXAphwjbf8GnM gTD1P0JR6Z0gcq1cduuIooiyn30MO5vDoGYxVVUBt4PcOYh6oXBuj7+lFZ1zJesKY9aI KH1I/tQ/WBXF/vjYGqCbj2HJUAxlaa4QYQf82uTn9QwxvhT0RP8E/UXOoO81PGWJ+Kue I4fDplhQQz21Cjp1OgoDTCi6Qka86ONHVoeVYX+4STdeZfu5wnKEP9cnPc6qpEF0qPV6 Wues2h+sbYMKwHKYBSoQwo7p5MtzMri7zJIzzojZgJSVL3k8CU45J1nmXxPLgL6zHzvN CPIg==
- Arc-seal: i=1; a=rsa-sha256; t=1521485265; cv=none; d=google.com; s=arc-20160816; b=A0Ifk8ISEcUwnK4e09etVvOtEyk0BrfoIhES23tqDz/FbV9VK7QbEjTuP5TcLfMeWC EUgUnngzNaYTYfceeeUYAdNbpaJmIyQgPUp/Bfsd3zRKbbhztmQ86fOb3hgbwglBlE2b 1w/73vn3BcXzt5b2iEnhRZv3/sfO/eEWw9q9VjGqxSRL3AEUR6dJNENt/9+kVcDcaOLv ZpioYVtvivhOqT3+frpL0qAkUXuF4w0k4mDG93BVcD9PYgkL0f/1NRiBgAENyuNy5srb PbXLpXlRA6HM/yr+mDttUeJfmDokpDwcJkTl9dftPK1z2eQY+5GW5hOmlwe9aAjgMlJF EVyw==
- Cc: Cryptography <cryptography AT metzdowd.com>
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- Thread-index: AQHTu9GrX/g+vKe3YEmx9URBtZr7PaPQOYaAgAXhZoCAARf3gA==
- Thread-topic: [Cryptography] Avoiding PGP
- To: Phillip Hallam-Baker <phill AT hallambaker.com>, Alexander Klimov <alserkli AT inbox.ru>
(I apologise if the quoting comes out wrong, but the email client I'm forced to use, Outlook/Mac, doesn't do proper quoting.)
On 2018-03-18 22:22, "cryptography on behalf of Phillip Hallam-Baker" <cryptography-bounces+neut=zhaw.ch AT metzdowd.com on behalf of phill AT hallambaker.com> wrote:
> Perfect? Good grief... only if you haven't used any application developed since 1995 or so.
+1 to that. Perhaps not entirely coincidentally, the original "Why Johnny Can't Encrypt" article was from 1999: https://www.usenix.org/legacy/publications/library/proceedings/sec99/whitten.html
> I was utterly dumfounded when I used the GPG plug in and received my first encrypted email and had to tell the app to decrypt it. No, that is not acceptable.
+2. Just this week I had the devil of a time finding out which of two keys (containing the same email address) Enigmail was using for encryption and it took me some shell-foo to find and eliminate the unwanted key. My grandma (if she were still alive) would probably not have managed that.
> WoT sounds great until you realize that most people just use the keys on the MIT key server and make no effort to validate them whatsoever. So really good trust has been downgraded to none.
This problem also occurs with X.509-style PKI. People simply substitute "I'm not checking the WoT" for "I'm not checking the certificate". See, e.g., https://www.usenix.org/system/files/login/articles/105484-Gutmann.pdf, which also wins the prize for the article with the shortest abstract so far. Clearly, CAs also don't necessarily always validate the key, so it's not clear that substituting a CA for the user gets you anything.
IMO, WoT fails because the way it works is arcane; some of its assumptions are unwarranted; its default rules are arbitrary and not supported by evidence; and in order to understand whether you should trust a key according to WoT, you need fairly advanced knowledge of logic. Case in point: before we ditched the chapter on email encryption in our Security Basics course, we used to have a WoT exercise in our exams. If my grandma could have understood WoT, there would have been no point in doing that because all students would have received perfect scores on that exercise. (Assuming that students are cleverer than my grandma, who had almost no formal education.)
A slight tangent: I tend to avoid the word "trust" these days. It's too many things to too many people.
> Neither is fit for purpose today.
> Vendors win because they can sell new stuff even if it isn't strictly necessary.
I'm sure they'll like the sound of that.
The cryptography mailing list
cryptography AT metzdowd.com