Re: What email encryption is actually in use?
The problem Mr. Howe describes is fundamental, folks: encryption should be end-to-end even when the endpoints are functionaries in a company, because not all employees are equal. So yes, Alice at ABC.COM sends mail to Bob at XYZ.COM and the SMTP link is encrypted, so the bored upstream-ISP netops can't learn anything besides traffic analysis. But once inside XYZ.COM, many unauthorized folks could intercept Bob's email. Access Control is sorely lacking, folks. Link encryption is a good idea, but rarely sufficient.

At 01:20 PM 10/1/02 +0100, David Howe wrote:
> at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann <pgut001@cs.auckland.ac.nz> was seen to say:
>> For encryption, STARTTLS, which protects more mail than all other email encryption technology combined. See
>
> I would dispute that - not that it isn't used and useful, but unless you are handing off directly to the "home" machine of the end user (or his direct spool) odds are good that the packet will be sent unencrypted somewhere along its journey. With TLS you are basically protecting a single link of a transmission chain, with no control over the rest of the chain.
At 09:05 AM 10/01/2002 -0700, Major Variola (ret) wrote:
> So yes, Alice at ABC.COM sends mail to Bob at XYZ.COM and the SMTP link is encrypted, so the bored upstream-ISP netops can't learn anything besides traffic analysis. But once inside XYZ.COM, many unauthorized folks could intercept Bob's email. Access Control is sorely lacking, folks.

I'm running Win2000 in "You're Not The Administrator" mode. Since somebody else is root and I'm not, the fact that my network admins could eavesdrop on my link traffic isn't a big deal, especially when they set up my PC's software. And if I do pretend to trust my machine against some insiders, I can use SSH, SSL, and PGP to reduce risks from others...

Also, STARTTLS can reduce eavesdropping at Alice's ABC.COM. If your organization is an ISP, the risks are letting them handle your email at all (especially with currently proposed mandatory eavesdropping laws), and STARTTLS provides a mechanism for direct delivery that isn't as likely to be blocked by anti-spamming restrictions on port 25. Now to get some email *clients* using it.

On the other hand, if your recipient is at a big corporation, they're highly likely to be using a big shared MS Exchange server, or some standards-based equivalent, so the game's over on that end before you even start. Take the STARTTLS and run with it...

> Link encryption is a good idea, but rarely sufficient.

Defense in depth is important for real security. STARTTLS can be a link-encryption solution, but it can also be part of a layered solution, and if you don't bother with end-to-end, it's a really good start, and isolates your risks. It also offers you some possibility of doing certificate management to reduce the risk of man-in-the-middle attacks from outside your organization, and does reduce some traffic analysis.

>> at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann <pgut001@cs.auckland.ac.nz> was seen to say:
>>> For encryption, STARTTLS, which protects more mail than all other email encryption technology combined.

If your goal is to encrypt 20% of the net by Christmas, STARTTLS will get a lot closer to that than a perfect system. Similarly, IPSEC using the shared key "open secret" would have been a much-faster-deployed form of opportunistic encryption than the FreeSWAN project's more complex form that wants some control over DNS that most users don't have. In the absence of a real Public Key Infrastructure, neither is totally man-in-the-middle-proof, so if the Feds are targeting *you* it's clearly not enough, but reducing mass-quantity fishing expeditions increases our security and reduces the Echelon potential - especially if 90% of the encrypted material is routine corporate email, mailing lists, Usenet drivel, etc.

> At 01:20 PM 10/1/02 +0100, David Howe wrote:
>> I would dispute that - not that it isn't used and useful, but unless you are handing off directly to the "home" machine of the end user (or his direct spool) odds are good that the packet will be sent unencrypted somewhere along its journey. With TLS you are basically protecting a single link of a transmission chain, with no control over the rest of the chain.

You can protect most of the path if your firewalls don't interfere, and more if your recipients' don't.
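The distinction Bill draws above, between opportunistic STARTTLS (encrypt the hop if it is offered, which stops passive taps but not an active man-in-the-middle without a PKI) and STARTTLS with certificate management, as an added example that is not code from anyone in this thread: a Python sketch that parses one hop's EHLO reply, decides whether to upgrade, and builds the two kinds of `ssl.SSLContext`. The sample EHLO replies, the function names (`parse_ehlo`, `tls_policy_for`, `verified_context`, `opportunistic_context`) and the `previously_offered` downgrade flag are constructed for this example.

```python
"""Opportunistic versus verified STARTTLS for one SMTP hop.

Added example, not code from this thread. It parses a server's EHLO reply,
decides whether to upgrade the hop, and builds the two kinds of TLS context
the thread contrasts. Sample EHLO replies, function names and the
`previously_offered` flag are constructed for this example.
"""
import ssl
from dataclasses import dataclass, field
from typing import Optional, Tuple


@dataclass(frozen=True)
class EhloInfo:
    greeting: str
    extensions: dict = field(default_factory=dict)  # KEYWORD -> parameter string


def parse_ehlo(response: str) -> EhloInfo:
    """Parse a multi-line 250 reply (RFC 5321, section 4.1.1.1).

    Every line but the last reads '250-text'; the last reads '250 text'.
    Anything else is treated as a protocol error rather than guessed at.
    """
    lines = [ln for ln in response.replace("\r\n", "\n").split("\n") if ln]
    if not lines:
        raise ValueError("empty EHLO reply")
    greeting = ""
    extensions = {}
    for i, line in enumerate(lines):
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            raise ValueError(f"not a 250 reply line: {line!r}")
        is_last = line[3] == " "
        if is_last != (i == len(lines) - 1):
            raise ValueError("continuation markers disagree with line count")
        body = line[4:]
        if i == 0:
            greeting = body  # first line carries the server's own name/greeting
            continue
        keyword, _, params = body.partition(" ")
        extensions[keyword.upper()] = params
    return EhloInfo(greeting, extensions)


def offers_starttls(info: EhloInfo) -> bool:
    return "STARTTLS" in info.extensions


def tls_policy_for(info: EhloInfo, require_tls: bool,
                   previously_offered: bool = False) -> Tuple[str, str]:
    """Return (action, reason); action is 'starttls', 'plaintext' or 'abort'.

    Opportunistic mode (require_tls=False) encrypts whenever the hop offers it
    and otherwise falls back to cleartext. A hop that used to advertise
    STARTTLS and now does not is worth logging: an active attacker on the link
    can drop the keyword from the EHLO reply, and an opportunistic client
    would never notice on its own.
    """
    if offers_starttls(info):
        return "starttls", "server advertises STARTTLS"
    if require_tls:
        return "abort", "STARTTLS required but not advertised"
    if previously_offered:
        return "plaintext", "WARNING: STARTTLS was offered before, now missing (possible stripping)"
    return "plaintext", "no STARTTLS offered; sending in cleartext"


def verified_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Authenticate the peer: the certificate must chain to a trusted CA and
    match the host name, so an outside man-in-the-middle fails the handshake."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def opportunistic_context() -> ssl.SSLContext:
    """Encrypt only: defeats passive taps on the link, authenticates nobody."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before relaxing verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


# Constructed sample replies: the same server with and without STARTTLS advertised.
EHLO_WITH_TLS = "250-mail.example.test Hello\r\n250-SIZE 10240000\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
EHLO_NO_TLS = "250-mail.example.test Hello\r\n250-SIZE 10240000\r\n250 8BITMIME\r\n"

if __name__ == "__main__":
    for label, raw in (("advertised", EHLO_WITH_TLS), ("missing", EHLO_NO_TLS)):
        info = parse_ehlo(raw)
        print(label, "opportunistic:", tls_policy_for(info, False, previously_offered=True))
        print(label, "required:     ", tls_policy_for(info, True))
```

Either context is what you would hand to `smtplib.SMTP.starttls(context=...)`. With the verified one a hop whose certificate does not validate fails closed; with the opportunistic one the hop is still encrypted against the bored upstream netops but nobody on the far end is authenticated, which is exactly the "not totally man-in-the-middle-proof" trade-off Bill describes.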
Bill Stewart wrote:
| If your organization is an ISP, the risks are letting them
| handle your email at all (especially with currently proposed
| mandatory eavesdropping laws), and STARTTLS provides a
| mechanism for direct delivery that isn't as likely to be blocked
| by anti-spamming restrictions on port 25.
| Now to get some email *clients* using it.

BTW, most and probably all of the major mail clients out there will do STARTTLS *for SMTP*. It's a matter of servers offering it and clients being configured to actually use it. It'd be nice if they always used it if it's available, but right now I think they all require being told to.

Specifically, Mozilla, Outlook, Outlook Express, Netscape (all the way back to 4.7x at least), Evolution, and Eudora all support STARTTLS (again, for SMTP). I imagine there are others that do as well.

Amusingly, virtually none of them support STARTTLS on any other protocol. :) IMAP and POP are almost all supported only on dedicated SSL ports (IMAPS, POP3S). Argh.

Regards,
Jeremey.

--
Jeremey Barrett [jeremey@rot26.com] Key: http://rot26.com/gpg.asc
GnuPG fingerprint: 716E C811 C6D9 2B31 685D 008F F715 EB88 52F6 3860
At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote:
> Specifically, Mozilla, Outlook, Outlook Express, Netscape (all the way back to 4.7x at least), Evolution, and Eudora all support STARTTLS (again, for SMTP). I imagine there are others that do as well.
>
> Amusingly, virtually none of them support STARTTLS on any other protocol. :) IMAP and POP are almost all supported only on dedicated SSL ports (IMAPS, POP3S). Argh.

I use Eudora, as I'm very comfortable with it (so comfortable, in fact, that it's my primary reason for booting Windows at all.)

The version I use, 5.1, *does* support STARTTLS for POP over both the regular port 110 as well as alternate ports, as well as user-defined ports. It needs some tweaking, but the capability exists.

I don't know about IMAP, as I don't use IMAP to get my mail.

Udhay
--
((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
Udhay Shankar N wrote:
| At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote:
|
|> Amusingly, virtually none of them support STARTTLS on any other protocol.
|> :) IMAP and POP are almost all supported only on dedicated SSL ports
|> (IMAPS, POP3S). Argh.
|
| I use Eudora, as I'm very comfortable with it (so comfortable, in fact,
| that it's my primary reason for booting Windows at all.)
|
| The version I use, 5.1, *does* support STARTTLS for POP over both the
| regular port 110 as well as alternate ports, as well as user-defined
| ports. It needs some tweaking, but the capability exists.
|
| I don't know about IMAP, as I don't use IMAP to get my mail.
|

Yes, Eudora is the exception. It supports both STARTTLS and dedicated SSL ports for all mail protocols (it even does SMTPS I think).

Jeremey.

--
Jeremey Barrett [jeremey@rot26.com] Key: http://rot26.com/gpg.asc
GnuPG fingerprint: 716E C811 C6D9 2B31 685D 008F F715 EB88 52F6 3860
--On Wednesday, 02 October, 2002 10:54 -0500 Jeremey Barrett <jeremey@rot26.com> wrote:
> Udhay Shankar N wrote:
> | At 10:04 AM 10/2/02 -0500, Jeremey Barrett wrote:
> |
> |> Amusingly, virtually none of them support STARTTLS on any other protocol.
> |> :) IMAP and POP are almost all supported only on dedicated SSL ports
> |> (IMAPS, POP3S). Argh.
> |
> | I use Eudora, as I'm very comfortable with it (so comfortable, in fact,
> | that it's my primary reason for booting Windows at all.)
> |
> | The version I use, 5.1, *does* support STARTTLS for POP over both the
> | regular port 110 as well as alternate ports, as well as user-defined
> | ports. It needs some tweaking, but the capability exists.
> |
> | I don't know about IMAP, as I don't use IMAP to get my mail.
> |
>
> Yes, Eudora is the exception. It supports both STARTTLS and dedicated SSL ports for all mail protocols (it even does SMTPS I think).

It isn't the only exception: I use Mulberry with IMAP, and it supports STARTTLS for both IMAP and SMTP over the normal ports; haven't tried POP3, although it looks like it should work. And this seems to work for Mulberry on Linux, Macs and Windows.

-paul
Participants (5):
- Bill Stewart
- Jeremey Barrett
- Major Variola (ret)
- Paul Krumviede
- Udhay Shankar N