gpgsm and expired certificates

MFPA expires2013 at ymail.com
Wed Nov 6 00:41:53 CET 2013 

Hi


On Monday 4 November 2013 at 10:43:43 PM, in
<mid:87habrrdnk.fsf at mat.ucm.es>, Uwe Brauer wrote:



>     -  NSA (among others) has abused its resource to
>     read email    worldwide at a very large scale.

Indeed.


>     -  so if a lot of people, say 30 % of all users
>     would encrypt their    email, then NSA statistical
>     approach would *not* work that smooth    and this
>     is a good thing.

Why do you describe it as a statistical approach? 

I guess 30% was plucked out of the air. It would seem self-evident 
that if a sizeable proportion of emails travelled encrypted, the NSA 
etc. would have to do more work to read them. 



>     -  so encrypting email should be easy and look
>     trustful for a    majority of users

I like the idea, but have a bit of an issue with security made too 
easy. Security has to be inconvenient; just a lot more so for a 
would-be attacker than for the person using the security.



>     -  usually public/private key based methods are
>     considered relative    secure (Even Snowden claimed
>     that you could rely on them), this    does not mean
>     that the NSA could not read your email. They would
>     usually try to enter your machine installing a
>     keylogger or    something like this. But this is
>     beyond the statistical method I    mentioned above.

Hopefully, if it was more effort and more cost to read an individual's
mail, that individual might be left alone unless they are a suspect.
But what about an individual two or three communication hops from a
suspect?



>     -  if I understand correctly the real problem is
>     not security of the    the cipher but the
>     authenticity of the sender and so the most
>     common attack is a man in the middle attack. This
>     is true for    both smime and gpg. So comparing
>     fingerprints of public key is a    good thing,
>     which most of us, I presume, don't do.

For most people's communication, it is not encrypted so the main
problem is simply being read in transit, and/or stored. Once you start
encrypting, even without putting the effort in for sender
authentication, it takes more effort to snoop on your mail than on the
majority of people's.



>     -  from my own experience I am convinced that smime
>     is much easier    than gpg[2] for reasons  I am not
>     going to repeat here. (I got 7    out of 10 of my
>     friends/colleagues to use smime, but 0 of 10 to
>     use gpg.)

Depending on the software people are using. I'm willing to accept that 
there are probably more people for whom S/MIME is easier to use.



>     -  one of the reasons some of them hesitated was
>     the fact that the    certificates were offered by
>     some commercial company they did not    know and
>     trust.[3]    They would have had installed it from
>     a government based    organisation, say the
>     ministry of justice though.

I think "know" is the key factor, but "know and trust" is even better.
I suspect a whole lot of people would also be perfectly comfortable if
a certificate were available from the company that supplied their
operating system, or their email application or webmail account. Or
maybe from their bank or ISP.



>     -  so if some government based organisation would
>     do what say commodo    does it would send a signal
>     to the public that it takes privacy    seriously
>     and I think it would encourage more people  to use
>     smime.

The actions of governments and government organisations in so many
countries send signals that they are anti-privacy, or at least not
pro-privacy. I think this small contradictory signal would be in 
severe danger of being drowned out. But now I understand what you 
meant.



>     -  Private certificates, are unfortunately no
>     solution. Yes it is    possible with openssl to
>     generate them, I have done that    myself. However
>     it is very difficult till impossible to convince
>     the main email programs, such as outlook,
>     thunderbird or Apple    mail to use them or to use
>     public keys sent by such    certificates. [4]

The email app I am using to write this message can (almost trivially)
generate and use self-signed certificates for the email accounts it
has configured. The difficulty is getting other people to persuade 
their MUA to accept them.



> Footnotes: [1]  I must add that I don't share your
> general view about government      based organisations.
> I still hope that abuse is the exception not      the
> rule..

I think I mentioned in one of my other postings that I was using 
hyperbole to make my point. I'm not quite _that_ paranoid, but I 
believe in exercising a healthy skepticism.


-- 
Best regards

MFPA                    mailto:expires2013 at ymail.com

Experience is the name everyone gives to their mistakes
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1075 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20131105/6e2227ce/attachment.bin>

More information about the Gnupg-users mailing list