[Enigmail] Expect signature header proposal

Robert J. Hansen rjh at sixdemonbag.org
Tue Oct 7 17:07:32 PDT 2008


Eitan Adler wrote:
> Alright - what about this scenario:

This is the last one you get for free.  After this, I start billing
$150/hr. for security consulting.

> Bob is security-conscious and always signs his messages sent to Alice.

Sure.

>  Dora wants to harm Bob's career and she sends a forged message claiming
> to be from Bob to Alice.  Alice is an ordinary human and does not notice
> the missing "this message is signed" notice and therefore acts upon this
> message.  Bob's career is ruined.  Alice also gets messages from many
> people that don't sign their emails.  It would ruin the effect of an
> "unsigned message" notice if she got it for every message that had no
> signature.

Bogus.

Let's put this into a more realistic scenario.  Imagine that I'm still
in graduate school and I'm the TA for a class.  A student is angry at me
for his failing grade, and decides to get payback by posting messages in
my name to white supremacist mailing lists.

I get hauled in front of the dean and asked to explain my actions.
"What actions?"  I get presented with the messages.  "They're not from
me!  I never signed these -- I sign all my emails!  I have a five year
record of signing my emails!  Everyone in the department knows this!
Are you kidding me?!"

The dean nods.  "Yes, Rob.  We know you didn't sign them.  We're
assuming it's because you wanted to repudiate them later if we ever
found them.  You'll understand if we suspend you from your university
posting while we get to the bottom of this, right?"

Moral of the story: what you want crypto to do, it cannot do.  If it
could, then the alternative would be just as bad: it would give anyone a
free pass to deny responsibility for anything they wrote just by failing
to sign the message.

> Even if it is not a header there should be some way to enable/disable an
> "unsigned message" notice per user.

And while you're at it, everyone should have a pony.  That doesn't mean
everyone's going to get one, or that everyone is even capable of
stabling one.

There are a lot of things in crypto that are "should".  Fortunately for
us, we get to deal with a different question: "can we do this, and if
so, what are the tradeoffs?"

Even then, that's a hideously complex question.  Fortunately, it's still
within the realm of tractability.


