nanog mailing list archives

Re: The US government has betrayed the Internet. We need to take it back


From: Michael Thomas <mike () mtcc com>
Date: Fri, 06 Sep 2013 13:04:48 -0700

On 09/06/2013 12:52 PM, Nicolai wrote:
> On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
>> On 09/06/2013 11:19 AM, Nicolai wrote:
>>> That's true -- it is far easier to subvert email than most other
>>> services, and in the case of email we probably need a wholly new
>>> protocol.
>>
>> Uh, a first step might be to just turn on [START]TLS. We're not using the
>> tools that have been implemented and deployed for a decade at least.
>
> Agreed.  Although some people are uncomfortable with OpenSSL's track record,
> and don't want to trade system security for better-than-plaintext
> network security.
>
> But the deeper issue is coercing providers to give up mail stored on
> private servers, bypassing the network altogether.  TLS doesn't address
> this problem.  Short term: deploy [START]TLS.  Long term: we need a new
> email protocol with E2E encryption.



I'd say we already have those things too in the form of PGP/SMIME.
Who knows what the NSA can break, but it's just not right to say that
we need new protocols. The means has been there for many years to
secure email (fsvo 'secure'), it's just that it's not terribly convenient
so we just don't for the most part.

Mike

