[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ PROPOSED NEW STANDARD ] "I-like-encrypted-mail" tag




Summary:

	This message tosses out an idea for conveying within an { email |
	usenet } message the datum "the author of this message prefers to
	receive PGP encrypted communications" in a standard machine-readable
	form.

Motivation:

	In the most recent version of my

		<a href="http://www.openmarket.com/personal/tjic/emacs.html">
	 mail-secure.el package
		</a>

	I included a feature that allows users to maintain a list of
	correspondants who prefer to receive encrypted mail.  This list is
	then used by the package at email-send-time to see if a piece of email
	should be encrypted.

	I and others on this list include tags along the lines of "PGP
	encrypted mail preferred" in our .sigs.  It occured to me that this
	could be automated: 

	(1) a standard "I-like-encrypted-mail" tag could be defined
	(2) cryptography-capable mail tools could scan incoming messages for
			this tag and add the originators of any message containing the
			tag to a list
	(3) cryptography-capable mail tools could then use this list when
			sending (as mail-secure.el currently does).


Possible Implementations:

	A couple of different methods occur to me to implement step #1:

	(a) a new header could be defined and added to messages (as per
	section 3 of 

		<a href="http://www.cis.ohio-state.edu/htbin/rfc/rfc1505.html">
	RFC 1505
		</a>

	), along the lines of 

		X-Rcv-Security-Prefered: PGP-Encryption

	(b) a certain keyword or phrase could be defined that could be
	inserted in the .sig block of a message.  Ex:

		--
		[email protected]
		PGP-Encrypted-Mail-Preferred

	I am tempted to suggest something either compatible with or in the
	spirit of 

		<a href="http://www.eit.com/creations/s-http/draft-ietf-wts-shttp-00.txt">
	SHTTP 
		</a>

	negotiation blocks, but restrain myself from doing so because this

	(a) seems needlessly baroque for the information being conveyed
	(b) falsely implies that a negotiation is taking place, when in fact a
		mere advisory is being issues.

Security concerns:

	A temporary denial-of-service/annoyance attack could be mounted by an
	adversary who issues one forged message from individual A with the
	"PGP-encrypted-mail prefered tag" present, and then puts a fake key on
	a keyserver.  Anyone who uses a tag-aware mail-reading package and
	sees this message would send future mail to individual A encrypted in
	a manner that didn't allow A to read it.


Please mail or post any thoughts on this proposal.

Thanks,

TJIC