S/MIME or PGP/MIME?
Lionel Elie Mamane
Fri Dec 7 07:48:01 2001
Content-Type: text/plain; charset=us-ascii
On Thu, Dec 06, 2001 at 05:14:34PM -0800, Paul Holman wrote:
> I think there are a couple really important things to learn from the=20
> S/MIME mailer implementations we've seen:
IMHO, these are convenience-over-security choices.
> 1 Key Propogation
> S/MIME mailers attach the cert to every outgoing message and notice
> when a cert is attached to incoming messages and add it to the
> keyring (mixing metaphors a bit).
Bandwidth waste... And this is polluting the keyring with potentially
invalid (faked) keys. Adding a key to the keyring in the user's back
certainly isn't good an idea.
> 2 Opportunistic Encryption
> Try sending a message to half a dozen recipients when you only have
> keys for half of them. S/MIME mailers will encrypt tho those it
> can, and send cleartext to the rest.
Hu? That's clearly a security risk. If you want the message encrypted
and it silently sends it as cleartext... You mean they really do that?
Oh my god...
> 3 Seamless Integration (My favorite!)
> S/MIME mailers never show you any cyphertext. They just have little
> icons to indicate when a message was encrypted or verified
Mutt does that >:-)
> However, the problem isn't that the mailer developers are doing it=20
> wrong, it is that they haven't been given the tool they need - an open=20
> source OpenPGP toolkit.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----