[Standards] RFC 3923 (e2e with S/MIME) and OpenPGP

Peter Saint-Andre stpeter at stpeter.im
Tue Jul 16 17:30:13 UTC 2013

Hash: SHA1

On 7/16/13 4:27 AM, Carlo v. Loesch wrote:
> On Tue, Jul 02, 2013 at 09:32:50AM +0200, Daniele Ricci wrote:
>>> (1) Matt's work on draft-miller-xmpp-e2e (2) OTR (potentially
>>> with future enhancements to make it more XMPP-friendly)
>>> Some energy is going into both of those (Paul Wouters and I
>>> plan to sync up at the IETF meeting at the end of July to work
>>> on an Internet-Draft providing informational documentation
>>> about OTR). Since you seem to care about this issue, your
>>> feedback would be welcome.
> Both of these approaches do not protect meta-data (who is talking
> to whom) and allow for statistical attacks on the packets (guess
> what's inside by the size etc).

Neither OTR nor Matt's approach claim to protect metadata.

> More advanced forms of e2e messaging could be torchat and
> retroshare, although I'm not sure they provide forward secrecy.

I'm sure other approaches will be emerging soon, given recent events.

> Since XMPP isn't suitable for keeping meta-data private I would
> presume that e2e privacy is out of scope for this mailing list,
> really.


> No comment on heml.is except that there is a solid lack of
> competence in its design. You don't do e2e with pgp over servers.
> That provides neither meta-data privacy nor forward secrecy.
>> Sure! Because my needs are "mobile-oriented", I have to implement
>> some e2e solution that works when both users are online or not
>> (something like offline-storage OTR?). Of course an "offline"
>> solution is less
> That's the point in OTR: It does a DHE for forward secrecy, but
> that is only possible when both sides are online. What you can do
> for offline messages are to choose between these options: - Make
> the forward secrecy less "perfect" by keeping a DHE alive until 
> both parties are online at the same time again for renegotiation.. 
> - Use PGP until both are online again, but then warn the user that 
> the message can be decrypted by authorities if his or her device 
> gets seized by police.
>> safe than an online one, but of course there might be a
>> compromise (warning the user that e.g. forward secrecy might be
>> compromised because recipient is offline might be an option).
>> Anyway, please keep this in mind when you will discuss your new
>> Internet-Draft.
> Yes, and you should also warn the user that if her smartphone
> still has the factory operating system there may already be an NSA
> backdoor in place before even installing any communications
> software.
> IMHO the only way to offer a confidential e2e communications 
> experience over smartphones is by offering an operating system 
> replacement with builtin onion routing messaging layer.. be it tor,
> retroshare or gnunet. XMPP is no longer appropriate for this
> scenario.

Life was different back in 1999 and we were all more innocent.


- -- 
Peter Saint-Andre

Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


More information about the Standards mailing list