Crypto-sendmail (was Crypto Coding Project)

Steve Chew (schew@tis.com)
Fri, 21 Aug 1998 17:59:55 -0400 (EDT)

• Next message: steven.soroka@mts.mb.ca: "Re: Pseudo-random code in asm?"
• Previous message: Kathleen Ellis: "Wired story on AES: "US Announces Crypto Candidates""
• Next in thread: Peter Gutmann: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Peter Gutmann: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Enzo Michelangeli: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Enzo Michelangeli: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: steven.soroka@mts.mb.ca: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Enzo Michelangeli: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: steven.soroka@mts.mb.ca: "Re: Crypto-sendmail (was Crypto Coding Project)"

>
> I'd like to second Perry's suggestion of
>building a crypto-enabled version of sendmail.
>
[.....]
>
>Instead of having to persuade millions of ignorant
>end users to use crypto email clients and obtain
>keys and certificates, all it takes is a single
>sysadmin installing the proper sendmail or mail
>gateway to provide greatly improved security for
>hundreds of users.
>
>We could protect millions people from espionage,
>without even telling them.
>
>I realize that this is not the perfect end-to-end
>crypto most of us would prefer, but it's far
>better than what most people do today.
>

        I agree that it would be nice to have crypto-enabled sendmail,
but I don't foresee a large number of sysadmins installing it. Maybe if
you lobbied a bunch of ISPs you might get it installed at some of them
and that would encourage more ISPs to use it. I suppose the chicken and
egg issue is a problem no matter what approach you take. I think it's
a worthwhile project to attempt, especially if we heavily market it.
        Ian Brown hasn't spoken up, but I like his Enigma project which
is basically an SMTP/POP3 proxy that sits on your local machine. You can
point your Netscape (or any other) mail reader to use it as its SMTP and
POP3 host. It can look up the PGP keys for users you're mailing and encrypt
the mail you send them. Also, if someone mails an encrypted message to
you, Enigma will decrypt it for you before handing it to the mail reader.
It's nice since it allows you to use your standard mail reader (rather
than having to get a new crypto-enabled one) and it does end-to-end
encryption.
        Check out http://www.cs.ucl.ac.uk/I.Brown/enigma for more details.
The key for Enigma (I feel) is that it has to be brainless to install (so
it can reach the masses). If all one had to do was install it, accept the
defaults, and type in one's passphrase, it might gain a reasonably wide
acceptance. But, it all has to be automated which is non-trivial.
        It's still necessary to market it, I suppose, which is
the main problem with most of these schemes. If it doesn't come installed
and turned on by default with Win98 (or maybe Netscape), then it's going
to have a hard time gaining wide acceptance.

                                Steve

• Next message: steven.soroka@mts.mb.ca: "Re: Pseudo-random code in asm?"
• Previous message: Kathleen Ellis: "Wired story on AES: "US Announces Crypto Candidates""
• Next in thread: Peter Gutmann: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Peter Gutmann: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Enzo Michelangeli: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Enzo Michelangeli: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: steven.soroka@mts.mb.ca: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: Enzo Michelangeli: "Re: Crypto-sendmail (was Crypto Coding Project)"
• Maybe reply: steven.soroka@mts.mb.ca: "Re: Crypto-sendmail (was Crypto Coding Project)"