[cryptography] Security Pop-Up of the Day

ianG iang at iang.org
Thu Sep 22 05:53:56 EDT 2011

On 22/09/11 09:37 AM, James A. Donald wrote:
> On 2011-09-22 8:20 AM, Joe St Sauver wrote:
>> Understood that would be the "zipless" ideal, but how would the binding
>> of the private/public keypair to the email address occur then, eh?

Well, it wouldn't, in those terms, you need to unwrap the judo flip 
first.  What you need to do is look at the email before it had a cert 
attached, and consider that as the baseline.  E.g., this one.

Then, next, you see an email with a cert attached.  The second email is 
*at least as good as the first email*.  Obviously, the words in this 
(first) email carry some weight, and attaching a cert cannot reduce that 

It's an interesting judo trick that PKI does with people's minds.  Email 
with a funny cert/sig is apparently worse than email without a 
cert/sig.  Yet, we we sign contracts, negotiate deals, plan marriages, 
get jobs, talk to governments, etc etc, in email without any funky sigs 
& certs.  It's only when we start adding this crypto blah blah does our 
mind starts doing mental flips about the value.

S/MIME achieves the extraordinary feat of subtracting value by adding 
crypto blah blah.  For this reason, people won't use it.  If S/MIME 
stuck to the normal rule of society -- add value -- then we'd be soaking 
in it by now.

( ...  Same flaw with HTTP, which phishers so successfully exploit.)
> Email client generates private/public keypair.  Sends public key to CA 
> server.  CA server certifies that the owner of the private key 
> corresponding to this public key is capable of receiving email at the 
> address, emails certificate it back to ostensible email address.

Right, easy enough.  What the CA would need to do is figure out a way to 
add some value to that process.  Easy enough.


More information about the cryptography mailing list