| 1 |
On Mon, Dec 28, 2015 at 10:07 AM, Kristian Fiskerstrand <k_f@g.o> wrote: |
| 2 |
>> On 28 Dec 2015, at 15:58, James Le Cuirot <chewi@g.o> wrote: |
| 3 |
>> |
| 4 |
>> On Mon, 28 Dec 2015 09:42:40 -0500 |
| 5 |
>> Rich Freeman <rich0@g.o> wrote: |
| 6 |
> |
| 7 |
>>> And this would be why I don't bother to sign my emails any longer. |
| 8 |
>>> The FOSS world is still stuck in the days when people ran X11-based |
| 9 |
>>> MUAs and stored their mail in conventional folders. I've yet to see a |
| 10 |
>>> decent browser-based MUA or Android client which does signing. |
| 11 |
>>> Squirrelmail does, but it is really lacking compared to something like |
| 12 |
>>> Gmail. |
| 13 |
>> |
| 14 |
>> I haven't tried the feature myself but K9 Mail, which is highly |
| 15 |
>> regarded, does it via APG on Android. |
| 16 |
> |
| 17 |
> iirc k9 doesnt support PGP/MIME (RFC3156), but some interesting things happening with OpenKeychain |
| 18 |
> (https://www.openkeychain.org/k-9/ ) in that regard. We actually discussed it a bit during last OpenPGP summit in zurich. |
| 19 |
> |
| 20 |
|
| 21 |
K9 also doesn't support email tagging as far as I'm aware, and I don't |
| 22 |
believe there is a browser version of it either (I do require an MUA |
| 23 |
accessible by a browser, as this is how I compose 99% of my emails - I |
| 24 |
read this email on androids, and am replying from a browser right |
| 25 |
now). To some extent they can be forgiven for not supporting tagging, |
| 26 |
as I don't believe IMAP supports it either, so we need standards as |
| 27 |
well as FOSS clients to make it work. |
| 28 |
|
| 29 |
But, it isn't like I'm paying anybody to solve the problem, so we all |
| 30 |
make do, either living without features or without signatures as the |
| 31 |
case may be. |
| 32 |
|
| 33 |
> The main issue is key storage, though. For signatures you can use a dedicated |
| 34 |
> signing subkey, however you get in problem with encrypted emails as mobile devices |
| 35 |
> are not really secure devices and should never have cryptographic material. What could |
| 36 |
> work in this case is a NFC (or for that matter bluetooth, although it needs to be properly |
| 37 |
> paired etc etc) channel with a separate device with a separate keychain and display so |
| 38 |
> you can verify the request, and never actually expose private key material to the cellphone. |
| 39 |
|
| 40 |
That concern is hardly unique to phones. PCs suffer just as much from |
| 41 |
this problem. The solution could potentially be the same. For |
| 42 |
signing it is a straightforward problem since there is nothing to be |
| 43 |
kept secret except the key material itself (just send the message to |
| 44 |
the signing device, and return the signature back). For encryption |
| 45 |
you have additional challenges if you want to be able to make any use |
| 46 |
of the plaintext without it getting stolen - once decrypted it is only |
| 47 |
secure as any device that comes in contact with it. And there is no |
| 48 |
reason that mobile and browser frameworks couldn't talk to such |
| 49 |
devices with the right standards. |
| 50 |
|
| 51 |
If it were up to me the government would hand out signing devices just |
| 52 |
as they hand out passports. It seems kind of silly in this day and |
| 53 |
age that we haven't solved the key-management problem and half of our |
| 54 |
commerce involves giving 16-digit numbers to everybody we do business |
| 55 |
with and asking them to keep them secret for us. |
| 56 |
|
| 57 |
-- |
| 58 |
Rich |
Archives