Anders Rundgren wrote:
Michael Ströder wrote:
That there should be as you claim mainly a "UI problem" is an opinion
that has some support in the literature ("Jonny can't encrypt"),
but I feel that it is much deeper than that; security should probably
as in the case of Skype be transparent, not needing any UI at all.
I start Skype and that's about it.
In the absence of further technical details about Skype I believe it's
probably symmetric encryption based on shared secrets derived from user
passwords similar to Kerberos
That is probably correct.
So we agree on that the whole system is based on shared secrets. In
Kerberos the KDC is the ultimate trust point which has to know all
secrets of all parties (users and services). In a PKI you don't need
such an instance. That's far more secure. I'd not accept shared secrets
hosted by a third party for private e-mail.
Also there are privacy concerns. Look at why Microsoft's Passport (AFAIK
based on Kerberos) failed. I don't want a central third party knowing to
whom I sent e-mail. Also another reason not to use Skype.
The main disadvantage and difference to
S/MIME with X.509-PKI is that you need online network access to a
central infrastructure to make use of it. That's ok for a phone
application or instant messenger but not necessarily for e-mail. (I
already pointed this out but you ignored it.)
This is something which I consider debatable. Nothing prevents
you from creating data off-line and then when it is time to send it
away, you invoke the central infrastructure.
I'm often working while traveling by train. I'm off-line then. I want
the encrypted e-mail ready to be in the [Outgoing] folder - protected
right from the beginning.
That such a scheme
has severe limitations with respect to routing is true but if IM
actually works, why wouldn't email?
Instant messaging implies that you are on-line at the moment of writing.
I.e. the IT-landscape has changed, while S/MIME has not.
Because there was no real need. ;-)
Streaming of media indicates that the bandwidth considerations once
considered as crucial are not that valid anymore.
See above. E-Mail is asynchronous (store-and-forward) by nature. The
off-line usage together with S/MIME fits this scheme very well.
Voila! Here there is work to do.
I don't see the need for changing it.
Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
