[Dev] Automatic secure email
Andy Hertzfeld
Wed, 06 Nov 2002 22:33:48 -0800
Hi Aaron,

> Anyone can publish their public key to the Web simply by pasting it
> into one of these forms:
>
> http://pgp.mit.edu/
> http://www.{us,ca,ch,dk,de,no,uk}.pgp.net/pgpnet/pks-commands.html
>
> There are many others. You end up with a URL like
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x79F0DF4B

That's still too hard for many users to do. It needs to be truly automatic if it's going to succeed, but perhaps Chandler could register the keys automatically at key generation time. I'm not sure if we can count on servers doing this on a large scale, for free, indefinitely, though.

>> There are multiple existing cryptographic algorithms and formats; it
>> would be nice to be able to support as many as we can, including ones
>> not yet defined.
>
> "While good formats allow you to select from a variety of options and
> extensions, there are times when this is not valuable. If there are,
> for example, two algorithms one can use to encrypt a message, all that
> means is that all encrypters are forced to be able to do both."
> - http://www.templetons.com/brad/cryptech.html

Well, there are multiple formats currently in use. It would be great if everyone agreed on one, but I wouldn't count on it.

> Why would you want to do SOAP over email?
>
> MIME is currently designed to be fully extensible without requiring
> such a profile.

We eventually want to do SOAP over email so we can build frameworks that use email for transactions and workflow type applications, for example, buying a concert ticket or booking a plane flight. But we can discuss that some other time. MIME is extensible, that's sort of the problem - not all clients support all MIME-types; hand-held clients are especially spartan. We can do a better job if we know what types a client supports when sending a message, so we can send them types they actually can use.

By the way, I don't necessarily think that it's bad to use the "keys in header" approach you're advocating, instead of the "request a profile" approach and I'm willing to go that way in Chandler if it makes automatic secure email happen. I just think the other approach is somewhat better, but I'm not even sure of that until we do more work and try it out.

-- Andy