what is killing PKI?

[Robert J. Hansen]

On 10/4/2012 7:05 PM, MFPA wrote:
> Searching is not an insurmountable problem

Problems do not have to be insurmountable to have serious effects on
regular users.

John Clizbe maintains a 10Mb archive of every message that's ever been
posted to the Enigmail mailing list.  This comprises tens of thousands
of messages.  If each message is encrypted individually, then searching
through that archive could easily take on the order of a minute or more.
 That's simply unacceptable.

There are, of course, ways to mitigate this.  As near as I can tell
they're all just as bad.  For instance, you could say that each time you
receive an encrypted message, you could add it to the existing archive
with the same key.  Depending on which mode you use, though, this could
result in encrypting the 10mb archive for each and every new message
that comes in.  That's something you really want to avoid.  You could
try to get around that by using more exotic cipher modes (e.g., consider
each message's position in the archive to be an index, and use the index
to set a cipher running in Galois-CTR mode or somesuch), but the more
complicated the scheme becomes the more fragile it becomes.

> How is spam any more of a problem in a scenario where all messages are
> encrypted?

It becomes completely impossible to do enterprise-level spam filtering.
 If I send you email in plaintext, your ISP can check that email against
its spam detection engine and, if my message gets flagged as spam, it
can be automatically redirected to a spam folder.  If I send you email
in ciphertext, your ISP can't do that.

Now, you might say that this is exactly the behavior you want.  If so,
great.  But it's not the behavior that the overwhelming majority of
users want -- I can't count the number of people I know who have
completely switched to Gmail for their email provider just because of
their superb spam filtering.  Many of these people are quite
computer-literate and they know full well that Google is inspecting the
contents of their email to deliver targeted ads -- but that's a tradeoff
they're willing to make if it reduces spam.

> Some will lose (access to) data through carelessness and/or
> misfortune. Two choices: multiple secure backups of the private key
> stored in different locations, or don't bother encrypting. Hmm. Which
> of the two should we promote?

Who says we should promote anything?  Nobody ever elected me Grand
Poobah of the Internet.  I don't think anyone ever elected you, either.
 Instead of telling people what they should do, what's wrong with giving
people options and telling them that it's their responsibility to make
informed choices?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20121004/7682ccae/attachment.pgp>