1 |
On 2020-08-28 17:53, Grant Taylor wrote: |
2 |
> On 8/28/20 3:33 PM, Michael Orlitzky wrote: |
3 |
>> TLS only secures the channel; what comes out at the end is a plain-text |
4 |
>> message that can be read with minimal effort by the VPS provider, |
5 |
>> no skullduggery needed. |
6 |
> |
7 |
> I agree that STARTTLS only protects the email while it's in flight |
8 |
> between servers. |
9 |
> |
10 |
> Though I do think that it's going to somewhat difficult for a VPS |
11 |
> provider to read the contents of the message if it's stored on an |
12 |
> encrypted disk. |
13 |
|
14 |
The contents of the disk are unencrypted while the server is powered on, |
15 |
or at least while the server is receiving email (while it's reading from |
16 |
and writing to that disk). In practice that will be all the time -- you |
17 |
can't log in and type the disk-encryption password every time an email |
18 |
arrives. |
19 |
|
20 |
|
21 |
>> Unless the sender and recipient have some pre-shared secret (like GPG |
22 |
>> assumes), |
23 |
> |
24 |
> I *REALLY* thought that PGP (GPG) was based on public & private key |
25 |
> pairs, much like S/MIME and TLS. |
26 |
> |
27 |
> As such, Alice and Bob can encrypt messages to each other, even through |
28 |
> an untrusted medium such as a questionable email server. |
29 |
> |
30 |
> Yes, that still leaves the bootstraping issue of how do Alice and Bob |
31 |
> get each other's public key. -- I defer to my recent comments about |
32 |
> publishing keys in DNS and relying on DNSSEC. |
33 |
> |
34 |
|
35 |
GPG is based on public keys, but you've anticipated my response: |
36 |
public-key encryption still requires you to verify that "my" public key |
37 |
does in fact belong to *me* somehow. If you believe in the web of trust, |
38 |
then someone you know (or someone someone you know knows...) has to have |
39 |
met me in person and signed my key before it means anything to you. |
40 |
|
41 |
I shouldn't have used the word "secret." Pre-established or out-of-band |
42 |
authentication would have been more accurate. |
43 |
|
44 |
With GPG, the trust is between you and I, and the VPS provider acts as |
45 |
the eavesdropper. All three parties are distinct, and the security can |
46 |
work. With TLS between MTAs, the trust is established on-the-fly between |
47 |
the other MTA and the VPS provider, but the VPS provider still also |
48 |
plays the the role of the eavesdropper. When the eavesdropper is |
49 |
trusted, you're in trouble. |