E-Mail Encryption: Why Isn't Everyone Doing It?

David Picón Álvarez eleuteri@myrealbox.com
Sat Oct 26 01:25:02 2002


Hi,

I remember having come up with an idea of the sort and posted here and most
people thought it wasn't very useful because it was far too weak. If people
think it's still a useful thing to have then I'd like to make a couple of
points here:

> The basic idea was a web form where a user could paste their key or an
> email address to send it the key to.  The program would then email a
> challenge string to each email address on the key.  If the challenge
> came back signed by the user's key, then the program would sign that
> user ID with its own key.

There's a program that does something close enough to this at hushmail, for
free. Unfortunately, hushmail's certification key is not on the keyservers
so it's not straightforward to verify the signature. I suppose it would be
possible to a) extract the key from hushmail and send it to a keyserver
though that would be rude or b) convince hushmail to send its key.

As well, biglumber.com has a similar mechanism for account creation though
it doesn't culminate with a certifying signature, but just with the
validation of the account.

I've been thinking that if there would be a trojan or something on the
machine of the user most security would still be lost anyway, but I've been
thinking of ways to de-automatize the process just enough to ensure human
intervention. Among what I have thought of are to ask for a number which is
contained on a graphic (the graphic would have to be noisified a bit), to
ask for a number contained in a sound sample, or to ask for easy questions
(ideally one-time) that anyone should know or at least could find out in
google in 1 min like who's the president of the US or what country is Berlin
in?

> One gotcha we can avoid, if there are multiple levels of certification
> in the future, is to use a different signing key for each.  That way
> users can trust the signing key for the exact service they want.  I
> understand Thawte got this detail wrong when they set up their PGP
> signing service.

Good idea.
BTW, why is it so that we can't use thawte?
At least I've been told so.

--David.
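
The challenge bookkeeping for the robot signer described in the quoted text, as an added example that is not part of the original message or of any service it mentions. It assumes OpenPGP signature checking is done by a separate verifier that reports the signing key's fingerprint; `ChallengeIssuer`, `issue` and `redeem` are hypothetical names.

```python
import hashlib
import hmac
import secrets
import time


class ChallengeIssuer:
    """One challenge per (key fingerprint, e-mail address) pair on a key."""

    def __init__(self, secret: bytes, ttl: int = 86400):
        self.secret = secret      # server-side MAC key, never e-mailed
        self.ttl = ttl            # seconds a challenge stays redeemable
        self.used = set()         # nonces already redeemed (replay guard)

    def _tag(self, body: str) -> bytes:
        mac = hmac.new(self.secret, body.encode(), hashlib.sha256)
        return mac.hexdigest().encode()

    def issue(self, fingerprint: str, email: str, now=None) -> str:
        """Build the challenge string mailed to one address on the key."""
        if "|" in fingerprint or "|" in email:
            raise ValueError("'|' is the field separator")
        issued = int(time.time() if now is None else now)
        body = f"{fingerprint}|{email.lower()}|{issued}|{secrets.token_hex(16)}"
        return f"{body}|{self._tag(body).decode()}"

    def redeem(self, challenge: str, signer_fpr: str, now=None):
        """Return the address whose user ID may be certified, else None.

        signer_fpr is assumed to be the fingerprint an OpenPGP verifier
        reported for a valid signature over the returned challenge.
        """
        parts = challenge.strip().split("|")
        if len(parts) != 5:
            return None
        fpr, email, issued, nonce, tag = parts
        if not hmac.compare_digest(tag.encode(), self._tag("|".join(parts[:4]))):
            return None           # not issued by us, or altered in transit
        now = int(time.time() if now is None else now)
        if fpr != signer_fpr or now - int(issued) > self.ttl:
            return None           # signed by another key, or expired
        if nonce in self.used:
            return None           # already redeemed once
        self.used.add(nonce)
        return email
```

Only the user IDs whose address is returned by `redeem` would be certified; addresses on the key whose challenge never comes back stay unsigned.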


