[Enigmail] Signing message headers [was: X-PGP-Sig support]
Robert J. Hansen
rjh at sixdemonbag.org
Tue Dec 18 06:31:54 PST 2007
Andrzej Filip wrote:
> Unlike many other activities message signing does not have to happen
> during servicing incoming SMTP session. It is easy to use "throughput
> averaging" for signing.

In the early days of the internet a delay of a few hours between the
time a message was sent and the time it was received was considered
acceptable. Today if the delay is more than five minutes people begin
to come up with elaborate conspiracy theories. The window of time for
MUA-->MTA-->(internet cloud)-->MTA-->MUA is literally minutes.
Deferring signatures to a low CPU usage period is not a generally
practical scenario.

> BTW signing may use one pretty short "one day" keys signed by long
> "master key".

Right, because we don't have enough of a problem with key management
already.

Key management is the weakest part of PKI right now. No questions. The
state of key management is really quite horrific.

While it's axiomatic in computer science that "all problems can be
simplified by inserting a level of abstraction", most people miss the
corollary of "then again, the abstraction usually brings its own
problems".

Solving the "signatures are expensive" problem by using short one-day
keys seems to successfully solve the problem. However, I think it will
probably make the key management problem substantially worse.

Elliptical curve crypto has the potential to solve the expensive
signatures problem without introducing the abstraction penalty. I say
to wait for that.