Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: users

STEED - Usable end-to-end encryption

 

 

First page Previous page 1 2 3 4 Next page Last page  View All GnuPG users RSS feed   Index | Next | Previous | View Threaded


wk at gnupg

Oct 17, 2011, 11:11 AM

Post #1 of 80 (6539 views)
Permalink
STEED - Usable end-to-end encryption

Hi!

Over the last year Marcus and me discussed ideas on how to make
encryption easier for non-crypto geeks. We explained our plans to
several people and finally decided to start a project to develop such a
system. Obviously it is based on GnuPG but this is only one component
of the whole system. We prepared a short paper; if you are interested
you may download it from

http://g10code.com/docs/steed-usable-e2ee.pdf

There is also a brief (for now) web page dedicated to this project:

http://g10code.com/steed.html



Salam-Shalom,

Werner


--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 17, 2011, 11:25 AM

Post #2 of 80 (6443 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

> http://g10code.com/docs/steed-usable-e2ee.pdf

Skimmed over this. You say that you need ISP support to get the system
adopted (for the DNS-based distribution). Wouldn't that hinder adoption?
hotmail and the like still don't support POP3 or IMAP in a standard
account, and they are still popular options.

So obviously email providers aren't the right place to look to get a
technology deployed, especially one that hinders their access to email.

How about an opportunistic approach? This email should include the
following header:

OpenPGP: id=C58C753A;
url=https://jeromebaum.com/pgp

The MUA could recognize a header like this one and remember that there's
a certificate -- so the next email we send will be encrypted. The first
email couldn't be, but is that worse than no encryption at all?

Basically something like Strict-Transport-Security.

What do you think?

Like I said this is based on a quick skimming of the paper. Sorry about
the long message.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


gnupg.user at seibercom

Oct 17, 2011, 1:21 PM

Post #3 of 80 (6459 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Mon, 17 Oct 2011 20:25:04 +0200
Jerome Baum articulated:

> Skimmed over this. You say that you need ISP support to get the system
> adopted (for the DNS-based distribution). Wouldn't that hinder
> adoption? hotmail and the like still don't support POP3 or IMAP in a
> standard account, and they are still popular options.

Are you sure about that?

http://windowslivehelp.com/solution.aspx?solutionid=a485233f-206d-491e-941b-118e45a7cf1b

--
Jerry ✌
GNUPG.user [at] seibercom
_____________________________________________________________________
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


aaron.toponce at gmail

Oct 17, 2011, 1:32 PM

Post #4 of 80 (6449 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Mon, Oct 17, 2011 at 08:25:04PM +0200, Jerome Baum wrote:
> How about an opportunistic approach? This email should include the
> following header:
>
> OpenPGP: id=C58C753A;
> url=https://jeromebaum.com/pgp
>
> The MUA could recognize a header like this one and remember that there's
> a certificate -- so the next email we send will be encrypted. The first
> email couldn't be, but is that worse than no encryption at all?

I like the idea, but how are you setting the header? I see you're using
Thunderbird, and I don't believe that setting that header is part of
Enigmail. Further, it appears your mail isn't signed. Just curious.

--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
Attachments: signature.asc (0.51 KB)


ben at adversary

Oct 17, 2011, 2:00 PM

Post #5 of 80 (6450 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 18/10/11 7:32 AM, Aaron Toponce wrote:
>
> I like the idea, but how are you setting the header? I see you're
> using Thunderbird, and I don't believe that setting that header is
> part of Enigmail. Further, it appears your mail isn't signed. Just
> curious.

No, but it is part of Thunderbird:

http://kb.mozillazine.org/Custom_headers

The process is even less straight forward than using Enigmail would be
for end users.


Regards,
Ben
Attachments: signature.asc (0.16 KB)


jerome at jeromebaum

Oct 17, 2011, 2:21 PM

Post #6 of 80 (6433 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 2011-10-17 23:00, Ben McGinnes wrote:
> On 18/10/11 7:32 AM, Aaron Toponce wrote:
>>
>> I like the idea, but how are you setting the header? I see you're
>> using Thunderbird, and I don't believe that setting that header is
>> part of Enigmail. Further, it appears your mail isn't signed. Just
>> curious.

I don't sign every email I send. I tend to plug in my reader whenever I
sign something important, and then sign other mails while the reader is
plugged in. The reader wasn't plugged in in this case.

> No, but it is part of Thunderbird:
>
> http://kb.mozillazine.org/Custom_headers
>
> The process is even less straight forward than using Enigmail would be
> for end users.

So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?

Anyway, my point wasn't that we should use Enigmail. It wasn't that we
should use the OpenPGP header. It was that we should have an optional
header that unobtrusively says "by the way, I support encryption".

However the OpenPGP header is a pretty good start as Enigmail supports
it. Whatever solution we use, it should be default-on. Plus we should
use key-servers as not everyone has a place to upload the key, and it'd
be pretty involved for a "dumb" end-user.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 17, 2011, 2:41 PM

Post #7 of 80 (6425 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

> http://windowslivehelp.com/solution.aspx?solutionid=a485233f-206d-491e-941b-118e45a7cf1b

Wow, since 2009 (I haven't checked back in a while -- stay clear of
strange hosts like hotmail).

I think the point still stands though. I don't think email providers are
the right place to look for end-to-end encryption technology: Aren't we
trying to _not_ involve the provider in the encryption ("end-point")? Is
it in the interest of the provider that you encrypt your emails? etc.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


rjh at sixdemonbag

Oct 17, 2011, 2:59 PM

Post #8 of 80 (6462 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 10/17/11 5:21 PM, Jerome Baum wrote:
> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?

Unquestionably, indubitably, beyond doubt, *yes*. You are assuming a
level of computer literacy that is beyond 95% of the computing public.
Remember, under 10% of the computing public knows how to use Ctrl-F to
search through a document. [*]

Speaking personally about Enigmail, I routinely get complaints about
Enigmail being broken from people who don't have GnuPG installed,
complaints about Enigmail being too hard to uninstall from people who
have never installed Enigmail (they thought that just by downloading the
.XPI the file was installed automatically), and so forth. All of us on
the Enigmail user-help team have these stories. I'll eat my own hat if
the GnuPG devs don't have their own.

Users aren't stupid, not by any stretch of the imagination. Some of the
worst offenders have been obviously intelligent people who have been
extremely irate about Enigmail, on the grounds that "I'm a freaking
*physician* and I can't understand this, how do you expect regular users
to?!" To them, all I can say is -- it's not about innate intelligence:
it's about whether you possess the skill of computer literacy. We live
in an immensely technological society, and very few people are computer
literate.



[*]
http://www.theatlantic.com/technology/archive/2011/08/crazy-90-percent-of-people-dont-know-how-to-use-ctrl-f/243840/


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 17, 2011, 3:07 PM

Post #9 of 80 (6447 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 2011-10-17 23:59, Robert J. Hansen wrote:
> On 10/17/11 5:21 PM, Jerome Baum wrote:
>> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?
>
> [long rant about Enigmail]

The emphasis was clearly on "Enigmail", not on whether it's difficult or
not. If you hadn't misquoted me you might have included the bit where I
said this should be default-on (obviously so the user doesn't have to
configure it).

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


aaron.toponce at gmail

Oct 17, 2011, 4:50 PM

Post #10 of 80 (6423 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Mon, Oct 17, 2011 at 08:25:04PM +0200, Jerome Baum wrote:
> How about an opportunistic approach? This email should include the
> following header:
>
> OpenPGP: id=C58C753A;
> url=https://jeromebaum.com/pgp
>
> The MUA could recognize a header like this one and remember that there's
> a certificate -- so the next email we send will be encrypted. The first
> email couldn't be, but is that worse than no encryption at all?
>
> Basically something like Strict-Transport-Security.
>
> What do you think?
>
> Like I said this is based on a quick skimming of the paper. Sorry about
> the long message.

For the uninitiated, http://josefsson.org/openpgp-header/ explains the
'OpenPGP' header, and it's syntax. This was something new to me. A bit of
additional research on whether or not this was something Mutt was planning
on adding led me to http://marc.info/?l=mutt-dev&m=110227240028896&w=2.

I've added it with "my_hdr OpenPGP id=${pgp_sign_as}\;url=...". The only
question remaining, for me, is whether or not it should be "X-OpenPGP" or
"OpenPGP" as the header field name. I've heard various positions on this,
but nothing definitive.

At any rate, I would love to see more client-to-client encryption in email.
I've always wondered if there could be an "OTR" approach to mail, somehow,
so people don't need to generate and manage their own sets of keys, as that
seems to be the largest hinderence to widespread adoption. The only thing
the user should do, is compose the mail, hit send, and everything is
handled with very minimal user interaction.

--
. o . o . o . . o o . . . o .
. . o . o o o . o . o o . . o
o o o . o . . o o o o . o o o
Attachments: signature.asc (0.51 KB)


rjh at sixdemonbag

Oct 17, 2011, 5:27 PM

Post #11 of 80 (6447 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 10/17/2011 6:07 PM, Jerome Baum wrote:
>>> So enabling _Enigmail_'s "Send 'OpenPGP' header" option is difficult now?
>
> The emphasis was clearly on "Enigmail", not on whether it's difficult or
> not.

And the answer to your question is obviously, "Yes."

> If you hadn't misquoted me you might have included the bit where I
> said this should be default-on (obviously so the user doesn't have to
> configure it).

As soon as you can figure out a way to do this, I'll take it seriously.
Until then, this is magic pixie dust.

Everyone has an idea for how to do this: I've yet to see a single one
that actually stands any chance at success. The more you make the
process automated the more fragile and exploitable it becomes. The more
you shift the burden to people, the better your chances of resistance to
attack but the worse the learning curve and adoption rates become.



_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


wk at gnupg

Oct 17, 2011, 11:46 PM

Post #12 of 80 (6446 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Mon, 17 Oct 2011 20:25, jerome [at] jeromebaum said:

> Skimmed over this. You say that you need ISP support to get the system
> adopted (for the DNS-based distribution). Wouldn't that hinder adoption?

Please look at how most people use mail: They get a mail address from
their ISP, a preinstalled MUA and so on. Mail works for them instantly;
if it does not work, they change the provider or don't use mail. Thus
to allows allow for instant use of encryption it is important to have
encryption on by default and so you can't do that without getting ISPs
interested in it.

> How about an opportunistic approach? This email should include the
> following header:

See above. Further the problem with such headers is that it is a local
configuration highly dependent on the used MUA. More and more users are
reading mail with at least two devices. Thus a certain degree of MUA
independence is required. Access to the DNS is required anyway thus it
is an obvious solution to use it for key distribution.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


simon at josefsson

Oct 18, 2011, 1:24 AM

Post #13 of 80 (6410 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

Aaron Toponce <aaron.toponce [at] gmail> writes:

> I've added it with "my_hdr OpenPGP id=${pgp_sign_as}\;url=...". The only
> question remaining, for me, is whether or not it should be "X-OpenPGP" or
> "OpenPGP" as the header field name. I've heard various positions on this,
> but nothing definitive.

No X-OpenPGP please. It was a broken idea that prevented
standardization of headers that gain popularity. The X- idea was
removed from the latest revision of RFC 822.

/Simon

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


melvincarvalho at gmail

Oct 18, 2011, 2:50 AM

Post #14 of 80 (6431 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 17 October 2011 20:11, Werner Koch <wk [at] gnupg> wrote:
> Hi!
>
> Over the last year Marcus and me discussed ideas on how to make
> encryption easier for non-crypto geeks.  We explained our plans to
> several people and finally decided to start a project to develop such a
> system.  Obviously it is based on GnuPG but this is only one component
> of the whole system.  We prepared a short paper; if you are interested
> you may download it from
>
>  http://g10code.com/docs/steed-usable-e2ee.pdf
>
> There is also a brief (for now) web page dedicated to this project:
>
>  http://g10code.com/steed.html

Have you had a look at?

http://retroshare.sourceforge.net/

It has a very good integration with GPG

>
>
>
> Salam-Shalom,
>
>   Werner
>
>
> --
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users [at] gnupg
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 18, 2011, 6:30 AM

Post #15 of 80 (6407 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

>> Skimmed over this. You say that you need ISP support to get the
>> system adopted (for the DNS-based distribution). Wouldn't that
>> hinder adoption?
>
> Please look at how most people use mail: They get a mail address from
> their ISP, a preinstalled MUA and so on. Mail works for them
> instantly; if it does not work, they change the provider or don't
> use mail. Thus to allows allow for instant use of encryption it is
> important to have encryption on by default and so you can't do that
> without getting ISPs interested in it.

I know a number of "power users" that aren't savvy enough to configure
gpg4win but are savvy enough for their share of MUAs. The MUA in this
case isn't supplied by the ISP.

In fact to my knowledge outside of webmail and inside "private email"
(so drop companies, universities, schools) it's usual to configure your
own MUA, with the help of instructions from your ISP.

So yes the ISP is useful in helping with adoption (never said this isn't
true, I fully agree) but this absolute "ISP or not at all" approach bugs me.

>> How about an opportunistic approach? This email should include the
>> following header:
>
> See above. Further the problem with such headers is that it is a
> local configuration highly dependent on the used MUA. More and more
> users are reading mail with at least two devices. Thus a certain
> degree of MUA independence is required. Access to the DNS is
> required anyway thus it is an obvious solution to use it for key
> distribution.

I was saying "if we have to extend the MUA anyway, we might
as well add this header". We have to extend the MUA or otherwise it
doesn't support end-point encryption.

I don't see how DNS changes need to be made "anyway". So take an average
email provider and assume I don't have any zones delegated to me. I can
upload my key to the keyservers just fine. I can add this header just
fine. I can attach the key to my emails just fine. I don't need the ISP
to do anything in his DNS zone.*

(Now before someone comes up with "yeah but the end-user doesn't know
how to", *a computer can do all of this just fine*.)



I'm not saying the ISP wouldn't be helpful when it comes to deploying
this. Using Hushmail is obviously easier than installing and configuring
gpg4win. I just don't like this absolute approach of "we need the ISP,
there's no way to do this without them, so let's not even try." What
speaks against a hybrid approach (use the ISP if they support it, do it
on our own if they don't)?

I'd think what speaks against should be "takes more work to develop" or
"adds software complexity", not theoretical arguments about how this
can't be user-friendly. The "header vs. DNS" question doesn't even
relate to user-friendliness as it should happen behind the scenes. The
only effect cooperation with ISPs would have is that some users get a
message saying we don't support their ISP. I'm trying to suggest a
solution that drop this message for those users.



* To show that I think DNS is useful:

;; ANSWER SECTION:
jerome._pka.jeromebaum.com. 3596 IN TXT
"v=pka1\;fpr=A0E4B2D494E620EE85BAE45B63E42BD8C58C753A\;uri=http://jeromebaum.com/pgp"

(Hmm I should update that to the https version. I'll do this "tomorrow".)

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


mwood at IUPUI

Oct 18, 2011, 6:42 AM

Post #16 of 80 (6409 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Mon, Oct 17, 2011 at 05:50:42PM -0600, Aaron Toponce wrote:
[snip]
> At any rate, I would love to see more client-to-client encryption in email.
> I've always wondered if there could be an "OTR" approach to mail, somehow,
> so people don't need to generate and manage their own sets of keys, as that
> seems to be the largest hinderence to widespread adoption. The only thing
> the user should do, is compose the mail, hit send, and everything is
> handled with very minimal user interaction.

"Three can keep a secret, if two of them are dead."

If your computer holds the ultimate secret, anyone who can control the
computer can use that secret. The user *must* be actively involved.
We can remove *needless* complexity, but security could be said to be
the art of *introducing* specific complexity that's a lot worse for
the attacker than it is for you. It can't be automagical.

Anyway, key generation is already automated. All you have to do is
(1) choose to employ crypto, and (2) supply a passphrase that you can
remember. There are even methods and tools to help you do (2)!

To be secure without being involved in the process is an unreasonable
expectation which can never be met. We need to teach our kids to
expect to protect themselves online the same way we teach them to look
both ways before crossing the street. Probably at the same age.
Otherwise they'll grow up to believe the hype that you can buy
security the same as buying bread.

--
Mark H. Wood, Lead System Programmer mwood [at] IUPUI
Asking whether markets are efficient is like asking whether people are smart.


wk at gnupg

Oct 18, 2011, 6:42 AM

Post #17 of 80 (6441 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Tue, 18 Oct 2011 15:30, jerome [at] jeromebaum said:

> In fact to my knowledge outside of webmail and inside "private email"
> (so drop companies, universities, schools) it's usual to configure your
> own MUA, with the help of instructions from your ISP.

Well, so we need to convince them to change those instructions.


Salam-Shalom,

Werner


--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


mwood at IUPUI

Oct 18, 2011, 7:00 AM

Post #18 of 80 (6419 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

I don't see why the ISP has to be the entity providing DNS lookup.
The one I use won't even allocate me a static address, let alone
accept RRs from me to serve out to others. I'm not sure I'd trust
them to get it right and *keep* it right anyway.

If the ISPs won't cooperate, maybe the antivirus vendors would.
They're already in the data security business, already have an
extensive network presence, and already get money from me to help me
secure my information assets. Build enrollment into the AV product or
provide a separate setup tool. It should be simple.

Likewise there are freestanding DNS providers out there who already
have the infrastructure and the experience, are already serving some
of us, already get money from some of us. This could be a welcome
source of a little more income for very little more cost, or a freebie
to get you in the door like free DDNS does.

(I should read the paper; maybe this has been addressed.)

--
Mark H. Wood, Lead System Programmer mwood [at] IUPUI
Asking whether markets are efficient is like asking whether people are smart.


peter at digitalbrains

Oct 18, 2011, 7:30 AM

Post #19 of 80 (6403 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On 18/10/11 16:00, Mark H. Wood wrote:
> I don't see why the ISP has to be the entity providing DNS lookup.

Because it is the e-mail address of the recipient you look up; that's all the
data you have in this scenario. Thus, for me you would look up a key
corresponding to user peter at the domain digitalbrains.com. The only logical
place to look for that without further information is in the domain
digitalbrains.com, which is under control of the e-mail provider. ISP here means
e-mail provider, by the way, perhaps that is the confusion. Unless I'm the one
confused ;).

Peter.

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 18, 2011, 7:35 AM

Post #20 of 80 (6429 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

>> In fact to my knowledge outside of webmail and inside "private email"
>> (so drop companies, universities, schools) it's usual to configure your
>> own MUA, with the help of instructions from your ISP.
>
> Well, so we need to convince them to change those instructions.

Yes and this is what I said: It's useful to get the ISP involved. But
it's not necessary -- Google doesn't provide instructions on how to
enable send receipts in Outlook. I would guess that there are users out
there using gmail that use read receipts.

So yes, definitely get the ISPs involved. But let's not rely on them. A
good, easy-to-use (easy-to-install) plugin for Outlook '03/'07/'10
should go a long way to getting people to use end-point encryption.

The main value I would see in the STEED proposal is to make this whole
process easier for the user. The UI for keyring management and crypto
operations will be the most important part to making that work, and the
ISPs don't have to help out there (modulo webmail which isn't even
end-point).

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 18, 2011, 7:39 AM

Post #21 of 80 (6407 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

> ... We can remove *needless* complexity, but security could be said
> to be the art of *introducing* specific complexity that's a lot worse
> for the attacker than it is for you. It can't be automagical.
>
> Anyway, key generation is already automated. All you have to do is
> (1) choose to employ crypto, and (2) supply a passphrase that you
> can remember. There are even methods and tools to help you do (2)!
>
> To be secure without being involved in the process is an
> unreasonable expectation which can never be met. We need to teach
> our kids to expect to protect themselves online the same way we teach
> them to look both ways before crossing the street. Probably at the
> same age. Otherwise they'll grow up to believe the hype that you can
> buy security the same as buying bread.

So let's put up traffic lights to help them and employ some crossing
guards to teach them the first steps until they are old enough to make
their own decisions.

Or put another way, we could make the process automagical until the user
has enough experience with the tool to do this themselves. The question
is whether we should -- false sense of security, "reasonable" threat
model, etc.

Either way, it's better to encrypt to key that you _think_ is the
recipient's key than to none at all*, because now your passive attacker
is helpless.

* Under a specific set of threat models.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


jerome at jeromebaum

Oct 18, 2011, 7:45 AM

Post #22 of 80 (6395 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

> I don't see why the ISP has to be the entity providing DNS lookup.
> The one I use won't even allocate me a static address, let alone
> accept RRs from me to serve out to others. I'm not sure I'd trust
> them to get it right and *keep* it right anyway.

I should clarify. An email provider is also an ISP, and I was referring
to the email-provider type of ISP. But yes I agree that we shouldn't
trust the ISPs too much and that's why I keep saying we shouldn't rely
solely on them.

> If the ISPs won't cooperate, maybe the antivirus vendors would.
> They're already in the data security business, already have an
> extensive network presence, and already get money from me to help me
> secure my information assets. Build enrollment into the AV product or
> provide a separate setup tool. It should be simple.

This I'm not too sure if we can trust an AV vendor more or less than an
ISP. That's the problem with making these decisions for the user: We're
pushing the trust onto them, just like the CA root certificates in most
browsers.

The trust decision should be with the user. In a user-friendly way.
Also, I want world peace.

--
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


wk at gnupg

Oct 18, 2011, 8:41 AM

Post #23 of 80 (6432 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Tue, 18 Oct 2011 16:30, peter [at] digitalbrains said:

> Because it is the e-mail address of the recipient you look up; that's all the
> data you have in this scenario. Thus, for me you would look up a key
> corresponding to user peter at the domain digitalbrains.com. The only logical

Right. That is the whole point. We want to make keys invisible. You
can't explain easily why you need a separate public key if you already
have an email address. Thus from the user's point of view the email
address is the public key.

> digitalbrains.com, which is under control of the e-mail provider. ISP here means
> e-mail provider, by the way, perhaps that is the confusion. Unless I'm the one

Sure, email provider. However for most users this is identical to the
ISP: First of all they need a connection to the Internet. Unless you
spend a lot of money for the connections you will get an email address
along with your user identification for DSL access.

The email provider sets up something like /etc/aliases for the mail
address and some of them also enter records into their zone file with
the mailbox name for anti-spam protocols. They need to enter yet
another record into a zone file to allow a key lookup by the assigned
mail address.


Salam-Shalom,

Werner



_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


wk at gnupg

Oct 18, 2011, 8:58 AM

Post #24 of 80 (6427 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Tue, 18 Oct 2011 15:42, mwood [at] IUPUI said:

> To be secure without being involved in the process is an unreasonable
> expectation which can never be met. We need to teach our kids to
> expect to protect themselves online the same way we teach them to look

We did this for about 15 years - without any success. If you look at
some of the studies you will see that you can't teach that stuff to
non-techies - sometimes not even to engineers.

Let's compare it using an example from the not too far past: It has been
claimed that most VCRs used to blink 12:00 but nevertheless they were
sold and did what they should do: tape movies. This is similar to mail:
Everyone is able to send and receive mail but most are not able to (set
the VCR timer|encrypt the mails). Newer features in VCRs set the clock
automatically and make the timer setting task much easier in the user
interface (e.g. by selecting the title of the movie you want to tape
from a electronic program magazine). This user experience is what we
need to aim for.

> both ways before crossing the street. Probably at the same age.

That is easy because we have learned over thousands of years to use our
senses to be safe. Our senses for those small electrons are not as
matured as the the others. Why should they - we know about them only
for maybe 300 years.


Shalom-Salam,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users


wk at gnupg

Oct 18, 2011, 9:00 AM

Post #25 of 80 (6410 views)
Permalink
Re: STEED - Usable end-to-end encryption [In reply to]

On Tue, 18 Oct 2011 16:35, jerome [at] jeromebaum said:

> operations will be the most important part to making that work, and the
> ISPs don't have to help out there (modulo webmail which isn't even
> end-point).

Even webmail. It is easy to write a browser extension to do the crypto
stuff. Installing browser extensions is even easier than installing
most other software.


Salam-Shalom,

Werner

--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

First page Previous page 1 2 3 4 Next page Last page  View All GnuPG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.