1996-08-24 - Re: Securing Internet mail at the MTA level

Header Data

From: Adam Shostack <adam@homeport.org>
To: sopwith@redhat.com (Elliot Lee)
Message Hash: cb944fdbb7d1b08b7804cfd030b30121b166a1ae5185db8859ae05b612da10f0
Message ID: <199608232230.RAA12411@homeport.org>
Reply To: <Pine.LNX.3.95.960820170631.8463B-100000@dilbert.redhat.com>
UTC Datetime: 1996-08-24 00:00:41 UTC
Raw Date: Sat, 24 Aug 1996 08:00:41 +0800

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Sat, 24 Aug 1996 08:00:41 +0800
To: sopwith@redhat.com (Elliot Lee)
Subject: Re: Securing Internet mail at the MTA level
In-Reply-To: <Pine.LNX.3.95.960820170631.8463B-100000@dilbert.redhat.com>
Message-ID: <199608232230.RAA12411@homeport.org>
MIME-Version: 1.0
Content-Type: text


Elliot Lee wrote:
| On Tue, 20 Aug 1996, C Matthew Curtin wrote:

| > Two types of approaches are possible:
| >     1. Adding to the SMTP protocol itself, allowing for MTAs to
| >        identify crypto-capable peers, and then performing
| >        authentication and session encryption where possible.

like pgpsendmail?

| >     2. Waiting for a cryptographic transport layer network protocol
| >        (such as what is being proposed in draft-ietf-tls-ssh-00),
| >        allowing SMTP to remain untouched, and only requiring MTAs to
| >        add support for the new network protocol.

| >     2. Is there another approach that could work better?
| >     3. Is there interest in adding SSH functionality to sendmail in
| >        the near future (either by the draft spec, or once the RFC has
| >        been published)?
| 
| Have you looked at SSL? It allows different algorithms to be used, etc.
| etc. (although the certificate & key distribution method uses x509, which
| may be a pain...?). The SSLeay library is a freely available
| implementation of SSLv2.

	The big problem with adding SSL or ssh to mail transport is
that both assume that mail goes from host A to host B, with none in
between.  This is useful, but its more useful (IMHO) to integrate something
that doesn't use online key exchange to ensure end to end security.

	Take for example, Alice sends mail to Dave via Brian and
Charlie.  A point to point protocol, while useful against Eve and
Mallet, doesn't address the fact that Brian works for the NSA.  While
if Alice's sendmail encrypts the message to Dave, then Brian and
Charlie are reduced to traffic analysis instead of reading the mail.

	The case of mail being carried by an intermediary is still
pretty large.

	In any event, I don't see an advantage other than buzzwords to
using SSL/SSH over PGP, while I do see advantages to pgp.

Adam



-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






Thread