Author: Phil Pennock Date: To: exim-users Subject: Re: [Exim] TLS Problem
On 2001-12-28 at 19:26 -0800, Claus Assmann wrote: > On Fri, Dec 28, 2001, Richard Welty wrote:
> > On Fri, 28 Dec 2001 09:43:18 -0800 Claus Assmann <exim@???> wrote:
> > no, you can't, because you can't guarantee that these boxes have not been
> > compromised. i've done a lot of security work, and if there's one thing i
>
> So? What's the difference between STARTTLS and S/MIME etc in
> this respect?
An ISP can (in some jurisdictions) be served with a warrant requiring
them to provide to law enforcement all your communications. If some of
those are protected with cryptography and one side of the cryptographic
set-up is controlled by the ISP, then the interception can (and here
does) require the ISP to either provide cleartext or to provide the
necessary information to decode it.
Yes, that means that if an ISP provides a mail system which supports TLS
then they can be legally required to support the logging of session keys
on a per-user basis and hand those over.
S/MIME and other end-to-end systems require compromise of one of the
end-points. Hop-by-hop presents more targets.
The rest of this email is opinion only and can safely be skipped.
In part, it depends upon who you're protecting against. Where I am, I
do happen to feel that it is reasonable for law enforcement, IF they
have a valid non-fishing warrant, to request such information -- the
bogeymen of the Internet touted by politicians do exist, even though not
on the scale advertised. Note that the European approach is for the LEA
(law enforcement agency) to issue the warrant to the ISP and then the
ISP carries it out, and can object or refuse (perhaps being legally
obliged to if the warrant is patently bad), whereas the US approach is
for the LEA to control the sniffer and just be trusted. The latter is a
set-up just begging for abuse.
Further, in many parts of the world, governments can be heavily abusive.
Email is a world-wide phenomenon. What those in the "first world"
promote, is used in the rest of the world too. If it comes down to a
choice, S/MIME or GPG or whatever is what I will promote, with TLS
providing a useful backup.
Unfortunately, people are lazy and complacement; given one, they'll not
bother with the other. So it does look like being an either/or
situation -- not technically, but socially.
Hence I have no current intention to provide or promote TLS for email on
any system where I have authority to make such decisions.
--
Access Control (v.): Grab the mouse.