[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ PROPOSED NEW STANDARD ] "I-like-encrypted-mail" tag
Summary:
This message tosses out an idea for conveying within an { email |
usenet } message the datum "the author of this message prefers to
receive PGP encrypted communications" in a standard machine-readable
form.
Motivation:
In the most recent version of my
<a href="http://www.openmarket.com/personal/tjic/emacs.html">
mail-secure.el package
</a>
I included a feature that allows users to maintain a list of
correspondants who prefer to receive encrypted mail. This list is
then used by the package at email-send-time to see if a piece of email
should be encrypted.
I and others on this list include tags along the lines of "PGP
encrypted mail preferred" in our .sigs. It occured to me that this
could be automated:
(1) a standard "I-like-encrypted-mail" tag could be defined
(2) cryptography-capable mail tools could scan incoming messages for
this tag and add the originators of any message containing the
tag to a list
(3) cryptography-capable mail tools could then use this list when
sending (as mail-secure.el currently does).
Possible Implementations:
A couple of different methods occur to me to implement step #1:
(a) a new header could be defined and added to messages (as per
section 3 of
<a href="http://www.cis.ohio-state.edu/htbin/rfc/rfc1505.html">
RFC 1505
</a>
), along the lines of
X-Rcv-Security-Prefered: PGP-Encryption
(b) a certain keyword or phrase could be defined that could be
inserted in the .sig block of a message. Ex:
--
[email protected]
PGP-Encrypted-Mail-Preferred
I am tempted to suggest something either compatible with or in the
spirit of
<a href="http://www.eit.com/creations/s-http/draft-ietf-wts-shttp-00.txt">
SHTTP
</a>
negotiation blocks, but restrain myself from doing so because this
(a) seems needlessly baroque for the information being conveyed
(b) falsely implies that a negotiation is taking place, when in fact a
mere advisory is being issues.
Security concerns:
A temporary denial-of-service/annoyance attack could be mounted by an
adversary who issues one forged message from individual A with the
"PGP-encrypted-mail prefered tag" present, and then puts a fake key on
a keyserver. Anyone who uses a tag-aware mail-reading package and
sees this message would send future mail to individual A encrypted in
a manner that didn't allow A to read it.
Please mail or post any thoughts on this proposal.
Thanks,
TJIC