Re: S/MIME in Thunderbird

Sun, 21 Jun 2009 03:24:46 -0700 

On 19/6/09 15:36, Jean-Marc Desperrier wrote:

Nelson B Bolyard wrote:

if you send an encrypted message to
someone from whom you have never received a signed S/MIME message, you
will
use weak encryption.




Does this assume LDAP for acquiring the certificate without a signed 
S/MIME message?  (So it is only relevant in corporate setting?)



Thank you for this useful description.

I feel it would make sense to open a bug to change this default.

Rational : If someone went the hassle of doing everything it requires to
send an encrypted mail, he needs his message to be encrypted more than
he needs it to be 100% compatible with everybody.




S/MIME is pretty much broken as a design.  IMHO it is not worth fiddling 
around at the edges, because you'll fix one little thing and won't 
achieve a thing.  100 other little things will bring you down.



I think the big picture here is whether the Mozo Messaging people are 
ready to do some serious massaging.  This is no easy question, because 
it will take quite some work up&down the stack, and it will likely upset 
many people because the spirit of PKI will have to be bent to serve the 
user, not the other way around.  So it's not a popular project, who 
really cares enough about users to do all that work, and they will have 
to fight the gladiators of the last century over every feature.




And today 40 bits security is so easy to break that nobody can seriously
call that "encrypted".




I take it very seriously :)  If we had delivered even 40 bit security to 
the masses, I'd say we as an Internet community would have succeeded. 
We couldn't even do that.



Old topic.  The flaw that was introduced was two-fold.  One was the old 
ITAR crypto regulations (as Kyle mentioned), and the other was a sort of 
mad-scientist principle of "crypto agility" which allowed people to be 
incompatible with each other and software to be confusingly complicated. 
 To some extent (and maybe intended) this is the same flaw.  Successful 
designs eliminate or bypass these bugs.




iang
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto






















					Reply via email to