[148520] in cryptography@c2.net mail archive
Re: [Cryptography] The next generation secure email solution
daemon@ATHENA.MIT.EDU (Guido Witmond)
Thu Dec 19 11:25:24 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 19 Dec 2013 11:49:21 +0100
From: Guido Witmond <guido@witmond.nl>
To: cryptography@metzdowd.com
In-Reply-To: <CAMm+Lwj=aUdW1W-utd5EXVgCjGCsyqgdeCMELr+JW_ctBHL2iQ@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============0270092894992455756==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="----enig2KFXAKWPBXBXJEGROPMNP"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
------enig2KFXAKWPBXBXJEGROPMNP
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
On 12/18/13 21:22, Phillip Hallam-Baker wrote:
> Guido's scheme is very similar to the one I am planning to build in
> stage 2 of my system. In fact if he wants to build his system he could
> use stage 1 of mine as a development platform.
I was thinking of the other way around. I already have the local CA and
a demo that uses it. :-)
> But I do think it is important to acknowledge one of the lessons we
> learned in spam control: the bad guys will exploit every feedback chann=
el.
>=20
> So when we are dealing with reports of violations of protocols we have
> to be ready for attackers making false complaints.
The beauty of the eccentric protocol is that *only* the site's CA can
sign certificates for its domain. Spammers do not have the site's CA
private key. Spammers cannot create fake duplicates. So if there is a
duplicate certifcate for a certain CN that is signed by the local CA, it
is proof of 'problems' (either malicious or erroneous).
The protocol does not allow CN's to be signed by other CA's. These
certificate will be ignored, dropped.
> Many early spam
> blacklists that had 'zero tolerance' policies lost credibility very
> quickly as people would sign up for mailing lists for the purpose of
> reporting the source as a spammer. Some of the malicious reports were
> intended to sabotage political or commercial rivals. But quite a few
> were made to discredit the lists themselves.
>=20
> The trust problem is very easy if you have some form of ground truth to=
> reference. But no such ground truth exists.=20
The 'Registry of Dishonesty' forms that ground truth. It allows to
verify that a certain CN is used in only *one* certificate. When you
have that proof-of-uniqueness after the first message-roundtrip, you've
established an authenticated channel between the two of you.
This verification must be done for each *new* person/certificate you
encounter. However, people can send CN's to others, giving a certificate
a local meaning. For example, when dealing with a business I get a
reply: "You can deal with these issues with our xxx-department. Contact
them at abc@@domain.tld."
I can look up that CN at the registry, verify it's uniqueness and I
*trust* the sender that it is the correct address of their xxx-department=
=2E
Regards, Gudio.
------enig2KFXAKWPBXBXJEGROPMNP
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/
iQIcBAEBAgAGBQJSss8xAAoJEHPd8GglaNRmzbMP/A5LcK3oLL2PMx6PWnx5aVYr
Sf1+0Wjwh1vrSztXpxbG72ChyuyubIyF/4+Kx024qKJ+UF7ImRqJOQ/EuU4IaqMW
HWV0Q73tyczT4brXOLvvG9uIyQr7YFXiV8IZp0KAFg1yRp96jKpI2uYKkZmBLFLz
0w8MepSH/+bUGMf+1Qa3CvfC2RuUaOpNXL43X55nA1bx1zgB5XG7wCDlxQJsP+sK
9u0I2uWdt4GAzOHNKq8I1J+pHZ4CY8bXDG0+Hmf9VShYqtXzS8WLCTRNM34WAQne
h7ZudEBcxQ/MRDbPO6S56FBn5TPfi+FWm88WIkPvCz3RcB+ANOfmAWd2/A36gubx
tsrYwH76TW4zNFwjZZXLQrlJ8glM3GSvG/BTvcviMDXX6p9gXK5hzolwiGsW3GQh
Q7WFAFUchXByMOutfcja9K1iOljLS8FmohRyJVebVVWEvsO/wTibSwBwlLIA8wbN
Dcq5z6QbFhI+/JXoBO4ZIXuVIPY1ZNoHiFNNskS1fWoNboCITD7GQRQ9SdEGLzFp
5IiV616B4HrmhxX7Dts3NL6dHzET2aa8Yq+AzRAs8bLm0sXK0W0NYDMCxmqDt6om
GuC/Q+yFbHxgZkOHp8UyNvt6w8s3VZXfhQ1FaA72zRSJIrW8YTGlu6jqvRdqJos4
vbaKA2r5v2tLlZZqUNI+
=JpM+
-----END PGP SIGNATURE-----
------enig2KFXAKWPBXBXJEGROPMNP--
--===============0270092894992455756==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============0270092894992455756==--
