info-gnus-english
Re: S/MIME with OpenSSL?


From: Uwe Brauer
Subject: Re: S/MIME with OpenSSL?
Date: Fri, 13 Nov 2015 18:55:21 +0000
User-agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/25.0.50 (gnu/linux)

>>> "Adam" == Adam Sjøgren <asjo@koldfront.dk> writes:

   > Uwe writes:
   >> This is not about impose, this is about practical matter.

   > Sure. My point is that I don't want to tell people how to handle their
   > email.

I still don't understand. I say: I want to interchange encrypted mail
with someone. I don't care whether it is gpg or smime, but my experience
tells me it is easier for the other one to use smime. What has this to
do with «imposing»?

   >> Suppose you want to interchange confidential information with someone
   >> outside the GNU/emacs world and that person has very little computer
   >> knowledge. For him/her pgp is a nightmare to install. Smime not.

   > I understand that this is how you feel. You haven't convinced me
   > this is the case. You just keep stating that it is.

I cannot convince you, since you obviously have not had the same
experience, good for you.


   > I see. I have never heard of anyone (but you) using S/MIME with any of
   > these programs.

Oh, 99% of the persons I am in contact with (not counting people on
mailing lists on software issues like the gnus or auctex list etc) do
not use Emacs but use either Apple mail, Thunderbird or outlook (or a
webmail interface which is another matter). So if I want to interchange
encrypted emails with them, I am faced with a choice between pgp and smime. Smime is
included already in these programs, so that first step is therefore
solved, no extra installation is needed.

   > So, in my eyes, PGP is much easier here. I don't even know how to tell
   > someone to "apply for a certificate signed by a root authority", much
   > less how to get the certificate into their chosen email-program. But
   > every "illiterate" computer user knows this?

I explain that in a minute.

It seems that you are not familiar with the issue of PKI
https://en.wikipedia.org/wiki/Public_key_infrastructure
or with smime https://en.wikipedia.org/wiki/S/MIME

I don't want to write here a long explanation since this gets off topic
easily.

The main issue with asymmetric encryption is not encryption but
authentication. In a nutshell: how can you be sure that the public key
you obtain belongs to the person it claims to belong to? This is the
famous man in the middle attack. The answer is to sign a public key and
here PGP and SMIME take two very different approaches:

    -  PGP creates a net of trust: there are key servers where you can
       upload your public keys so that they can be signed by people you
       trust. As a rule of thumb: one should trust a public key if
       it's signed by somebody one trusts or, if this is not the case,
       trust a key which has a lot of signatures. One should never just
       use a public key which has been sent to him/her, since one cannot
       trust it.

    -  SMIME has a hierarchical model: there are a dozen or so
       certificate authorities (CA) which can sign keys. Keys signed by
       these authorities have to be trusted 100%. All software mail
       programs I listed are configured such that public keys signed by
       these authorities are trusted. That is why it is unproblematic to
       send a public key by email, contrary to pgp.

If you don't think that obtaining a certificate (a public key signed by a
CA) is easy please visit


https://www.comodo.com/home/email-security/free-email-certificate.php

(This is just a site I know there are dozen others)

Fill in name and email address, after a while you receive an email with
a link, which, after clicking on it[1], does the following

    -  if you (not you Adam, but you the generic user) use seamonkey the
       certificate is already installed and since seamonkey is basically
       firefox+thunderbird you are done.

    -  if you are using firefox, the certificate is installed in firefox;
       you have to export it and then import it into your mail client,
       thunderbird say, or gpgsm/gnus

    -  if you use safari, the certificate gets downloaded to your
       Desktop you double click and restart Apple mail and you are done.

This is *not* easy?

Installing pgp, a plugin and generating a pgp key is easier? Well if you
think so then I cannot convince you.


   > It is literally one line of configuration. Much easier than "applying
   > for a certificate signed by a root authority" - what so-called
   > "illiterate" person even knows what those words mean, much less how to
   > do it?

But this is a serious security risk (if not a breach) if you download a
key without checking its signatures before. See my comments above.

   > Oh, and, ooops, that's exactly what you say the problem with creating a
   > PGP key is.

   > Maybe we should wrap this up, as both are, as far as I know,
   > equally supported by Gnus, and so this is wandering off topic.

This topic has turned to «what is easier to use, SMIME or PGP», which
came up in that thread; however, in fact it is not so relevant for the GNUS
list and that is why it is better to drop it here and to continue off-list
if needed.


Regards

Uwe 

Footnotes: 
[1]  (important: you must use the *same* browser on the *same* machine
     you used for applying for the certificate for that operation)
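The hierarchical trust model described in this post, shown with openssl(1) as an added example that is not part of the original message: a constructed CA issues a certificate for an address, an unrelated CA issues a second certificate for the same address, and `openssl smime -verify` accepts only the signature that chains to the CA in the verifier's trust store. All CA names, the address and the message body are constructed.

```shell
#!/bin/sh
# S/MIME trust is a chain check: the signer's certificate is trusted only
# if it chains to a CA present in the verifier's trust store (-CAfile).
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# make_ca NAME: self-signed CA certificate and key (constructed, short-lived)
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$1" \
    -keyout "$1.key" -out "$1.crt" >/dev/null 2>&1
}

# issue_leaf CA LEAF EMAIL: end-entity certificate for EMAIL signed by CA,
# with the extensions an S/MIME verifier expects on a signing certificate
issue_leaf() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2/emailAddress=$3" \
    -keyout "$2.key" -out "$2.csr" >/dev/null 2>&1
  printf 'subjectAltName=email:%s\nextendedKeyUsage=emailProtection\n' "$3" > "$2.ext"
  openssl x509 -req -in "$2.csr" -CA "$1.crt" -CAkey "$1.key" -CAcreateserial \
    -days 1 -extfile "$2.ext" -out "$2.crt" >/dev/null 2>&1
}

# verify_smime CAFILE MSG: prints "trusted" when the signature verifies and
# the signer chains to CAFILE, "untrusted" otherwise
verify_smime() {
  if openssl smime -verify -in "$2" -CAfile "$1" -out /dev/null >/dev/null 2>&1; then
    echo trusted
  else
    echo untrusted
  fi
}

make_ca trusted-ca
make_ca rogue-ca
issue_leaf trusted-ca alice   alice@example.invalid
issue_leaf rogue-ca   mallory alice@example.invalid   # same address, other CA

printf 'Subject: hello\n\nconfidential text\n' > body.txt
openssl smime -sign -in body.txt -signer alice.crt   -inkey alice.key   -out alice.msg
openssl smime -sign -in body.txt -signer mallory.crt -inkey mallory.key -out mallory.msg

echo "alice   signed, trusted-ca store: $(verify_smime trusted-ca.crt alice.msg)"
echo "mallory signed, trusted-ca store: $(verify_smime trusted-ca.crt mallory.msg)"
```

A mail client's trust store is the equivalent of `-CAfile`; a certificate that arrives by email and chains to a store root is accepted without any manual signature checking, which is exactly the property the post relies on.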
