[147772] in cryptography@c2.net mail archive
Re: [Cryptography] Mail Lists In the Post-Snowden Era
daemon@ATHENA.MIT.EDU (Peter Todd)
Mon Oct 21 09:26:51 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 20 Oct 2013 18:55:52 -0400
From: Peter Todd <pete@petertodd.org>
To: Christian Huitema <huitema@huitema.net>
In-Reply-To: <063e01cecdb9$b62ed750$228c85f0$@huitema.net>
Cc: 'Jerry Leichter' <leichter@lrw.com>, cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============3368431579424691966==
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="mojUlQ0s9EVzWg2t"
Content-Disposition: inline
--mojUlQ0s9EVzWg2t
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sun, Oct 20, 2013 at 10:27:53AM -0700, Christian Huitema wrote:
> > So what would a reasonable security model for the Cryptography list look
> like? Is it inherently just an open discussion? Or could we come up wit=
h=20
> > something else? If we can do more, what kind of software would be need=
ed
> to make it as free-flowing and easy to participate in and manage as=20
> > the current list?
>=20
> I know of several attempts to do that, and the conclusion always seems to=
be
> that e-mail is not the right tool for this job, and that specialized
> bulletin boards are much easier to deploy.
>=20
> It is pretty clear that end-to-end e-mail encryption using PGP or S-MIME
> does not work for large groups. You end up having to solve the "distribut=
ion
> of the key to a large group," which is a variant of "sharing a secret wit=
h a
> large number of people," pretty much an oxymoron. If you want a solution
Note that you can use broadcast encryption to efficiently encrypt the
messages to multiple recipients. (a deployed example is in the AACS
video encryption) Or more simply keep people's PGP keys on file and have
the mail server encrypt each email.
Mathematically speaking it's an easy problem - what isn't solvable is
that it's impossible of course to prevent people from just
re-distributing the mailing list, other than maybe using traitor
tracing. But maybe in certain smaller to medium-sized communities the
minor amount of security provided might be valuable, especiallly
combined with repudation, like the group OTR messaging work.
--=20
'peter'[:-1]@petertodd.org
000000000000000981d375f993833d899723e0e538268e5a24231735e7fa8b2a
--mojUlQ0s9EVzWg2t
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQGrBAEBCACVBQJSZF94XhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwMDAwMDAwMDk4MWQzNzVmOTkzODMzZDg5OTcyM2UwZTUzODI2OGU1YTI0
MjMxNzM1ZTdmYThiMmEvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfsJ1Af+IxUmzCTIUTkATBs8LD4MjD+k
EV0UNGT4Oe1MdWzab6POUh0t9pg7SgOgjCcfO01RqtQ1TPhXH8Lw7kndBhiBr5TD
EnxWNcGdnrHb2qQ0H5ZbhPMJNJy/gFcpwJEWDOPerMPHOHct+YgMmpwY+AT4RUBl
rhte3bnvK2Hfb+wtgEY9ccSbDox5v/xaCsK4en1XHGA3HMHV99XDdJKAS7pBwWHr
KVb7KU/rwgBh/+9EUBpwLDfS4u3+3iXu+dloXfXFdD18KTMKIxbwDFYp+eZmjISF
YQK7B8bJJ3a7FEUQlbJhK3l15Vy50rbCFBsyPH1Xv8M/hXYq9ytZ1XPg4rcJvA==
=v5nS
-----END PGP SIGNATURE-----
--mojUlQ0s9EVzWg2t--
--===============3368431579424691966==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============3368431579424691966==--
