Re: Using S-MIME (encrypted & signed email)
From: Michel Gallant (MVP) (neutron@istar.ca)
Date: 11/22/02
- Next message: B. Goodman: "Re: MS02-065 : new bug posted today ?"
- Previous message: Wes Tanney: "Re: MS02-065 patch download"
- In reply to: Karl Levinson [x y] mvp: "Re: Using S-MIME (encrypted & signed email)"
- Next in thread: Karl Levinson [x y] mvp: "Re: Using S-MIME (encrypted & signed email)"
- Reply: Karl Levinson [x y] mvp: "Re: Using S-MIME (encrypted & signed email)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 22 Nov 2002 10:04:09 -0500 From: "Michel Gallant (MVP)" <neutron@istar.ca>
I think the main issue you seem to emphasize is a "preceived"
complexity. I have quite a bit of experience with a new un-named
PKI vendors, and my experiences are that the main reason more
people don't use it is NOT because they feel they "don't need to",
but rather that it is too complex.
This is an implementation issue: Typically, the folks in charge of
supporting PKI are also the overly-techie guys who have too much
say on how it gets deployed to end-users and configured.
This is an end-user education issue also:
I have demonstrated to lawyers, gov't officials etc.. how easy it is
to get up and running with a transparent commercial CA S-MIME
certificate and their reaction 99% of the time is "why didn't someone
tell me or show me how easy it is to use??" We all know that issuances
practices by CAs are not perfect, but it does work reasonably well.
We all know that is is inappropriate to use signed and/or encrypted email
for everything. Again, this is about reasonable judgment. Being able to
encrypt email is about better security practice, not about bullet-proof
security. Think about important information, being sent by companies on
business practices, company strategy, board minutes, legal correspondence? Many of the
workers have no idea that their emails are potentially sitting on several
servers, ready to be used by an IT admin on those servers, waiting to make
his/her big strike! We are not talking about CIA cloak-dagger stuff here, but
IMPORTANT information that ought to be protected. The fact that there has
been no (publicly visible) incident yet is a poor excuse to not use secure
email IMHO
off the sandbox ...
- Mitch
"Karl Levinson [x y] mvp" wrote:
> "Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
> news:3DDAD314.314484BF@istar.ca...
>
> > so are you saying that you view the risks are worth living with, given
> your
> > preceived view of complexity in deployment?
>
> Well, sort of. We've been living with the theoretical risks of internet
> email for years because convenience always trumps security every time. We
> didn't view it in terms of risks but in terms of the loss of convenience in
> exchange for a feature we weren't convinced we really needed and that no one
> else seems to need either. E.g. 1) encryption and signing is worthless
> unless you can convince all other companies you are emailing to use the same
> software, 2) even then it might be worthless if the users fail to encrypt or
> sign a particular email before it is sent or miss the message that an
> incoming email is not authentic, 3) everyone else continues to use
> unencrypted email and realize that it is not appropriate for sensitive
> communications, 4) not counting FBI's Carnivore, email capturing is I am
> guessing at an all-time low for most companies due to increase in traffic
> and noise on the internet and increase in switched technologies, 5) the
> attached signature makes the email uglier and increases bandwidth usage and
> reduces the speed and capacity of various systems, 6) even a security
> consious administrator doesn't want to have to enter in a long passphrase
> every time an email is sent and received and sometimes twice per each email,
> 7) it's hard to get buy-in from top execs for a product that requires the
> password be entered in so frequently, 8) I don't trust any security scheme
> that relies on the user to manually make the right choices to prevent the
> data from being compromised, 9) I would think that administrative overhead
> would go up in the form of more help desk calls and questions, CA
> maintentance, etc.
>
> As I said, my email encryption experience is just with one product, so maybe
> some of this is off base. I don't know.
>
> > I am somewhat surprised that Microsoft do not "walk the talk" by posting
> important
> > notices (here or via email) that are digitally signed email :-) I have
> seen some PGP,
> > but what about something a bit more transparent and standarized ?
> Afterall, Win2000 and XP
> > have a healthy dose of WFP (Window File Protection) built on similar
> signature technology.
>
> Well, I don't know how important these posts really are... partly because
> people understand this is kind of like chatting on a busy city street and
> that eavesdropping and impersonation are risks. The incidence of a forgery
> here seems to be pretty slim, too. Also, signing your posts every time you
> answer the question "how do I turn off content advisor" would slow
> downloads, increase the server disk space utilization and internet bandwidth
> use, possibly require entering a password for every post, etc. Looking at
> other similar Usenet sites, it seems to me that signing Usenet posts remains
> pretty uncommon except for a few isolated security professionals.
- Next message: B. Goodman: "Re: MS02-065 : new bug posted today ?"
- Previous message: Wes Tanney: "Re: MS02-065 patch download"
- In reply to: Karl Levinson [x y] mvp: "Re: Using S-MIME (encrypted & signed email)"
- Next in thread: Karl Levinson [x y] mvp: "Re: Using S-MIME (encrypted & signed email)"
- Reply: Karl Levinson [x y] mvp: "Re: Using S-MIME (encrypted & signed email)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
