[cryptography] [Cryptography] Email is unsecurable

Ben Laurie ben at links.org
Sat Nov 30 18:07:43 EST 2013


On 27 November 2013 21:50, Stephen Farrell <stephen.farrell at cs.tcd.ie> wrote:

>
>
> On 11/27/2013 09:29 PM, Nico Williams wrote:
> >
> > Viktor Dukhovni says that anything like DKIM/SPF is bound to fail.
> >
> > One problem is confusables: users can't really distinguish them, and
> > some can be counted on just doing whatever it takes to give their money
> > to the phisher, no matter what.  In other words, the problem with e-mail
> > is that strangers can start conversations with you.  (Whereas with web
> > services you start the conversations with them, which is not as big a
> > problem.)
>
> I'm not talking about MUAs at all here though.
>
> On 11/27/2013 09:24 PM, Natanael wrote:
> > So, Convergence/Perspectives done on email headers?
> >
>
> Almost. (I'm sure we could throw in a twist of CT too to
> keep Ben happy:-)
>

I am, of course, ecstatic.


>
> But not with the goal of verifying web server public keys.
> In this case we want to verify that the same TLS master
> secret got used on each side of each TLS hop, even for
> anon-DH. But I think it is interesting to do that even at
> the level where all we can detect is a pervasive attack,
> either due to different TLS master secrets where they
> should be the same or else because of additional
> unexpected or untraceable hops. (Maybe more is achievable
> but that's the attack I'm thinking of right now.)
>

Surely what you want to verify is that the key you saw is the key the
domain owner intended to publish?


>
> Mind you, even if it'd be ok crypto-wise, I'd not be
> surprised if it falls down for some mail reason.
>
> S.