
From nobody Mon Dec  5 06:31:23 2016
Return-Path: <campbell@mumble.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9DE9129BDC for <openpgp@ietfa.amsl.com>; Tue, 29 Nov 2016 07:00:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.397
X-Spam-Level: 
X-Spam-Status: No, score=-3.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EVwK8AvtS20R for <openpgp@ietfa.amsl.com>; Tue, 29 Nov 2016 07:00:18 -0800 (PST)
Received: from jupiter.mumble.net (jupiter.mumble.net [74.50.56.165]) by ietfa.amsl.com (Postfix) with ESMTP id 8CD9D129C02 for <openpgp@ietf.org>; Tue, 29 Nov 2016 07:00:18 -0800 (PST)
Received: by jupiter.mumble.net (Postfix, from userid 1014) id BE60C603CA; Tue, 29 Nov 2016 15:00:10 +0000 (UTC)
From: Taylor R Campbell <campbell+moderncrypto@mumble.net>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
In-reply-to: <1480411542920.18425@cs.auckland.ac.nz> (pgut001@cs.auckland.ac.nz)
Date: Tue, 29 Nov 2016 15:00:17 +0000
Sender: Taylor R Campbell <campbell@mumble.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-Id: <20161129150010.BE60C603CA@jupiter.mumble.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/a8TCirLguj6kO2RAG3k3vtK9o9c>
X-Mailman-Approved-At: Mon, 05 Dec 2016 06:31:22 -0800
Cc: messaging@moderncrypto.org, openpgp@ietf.org, Vincent Breitmoser <look@my.amazin.horse>
Subject: Re: [openpgp] [messaging] On Signed-Only Mails
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Nov 2016 15:00:20 -0000

   Date: Tue, 29 Nov 2016 09:25:45 +0000
   From: Peter Gutmann <pgut001@cs.auckland.ac.nz>

   Vincent Breitmoser <look@my.amazin.horse> writes:

   >In some more detail:
   >https://k9mail.github.io/2016/11/24/OpenPGP-Considerations-Part-I.html
   >
   >[...] Signed-Only Mails are Useless [...]

   Yup, and it's for exactly the reasons given there that the S/MIME
   WG decided many years ago not to sign messages sent to the list.
   Courts, similarly, rule on the intent of the signer, not some
   attached bag of bits (see e.g. Steven Mason's excellent "Electronic
   Signatures in Law").  So while I wouldn't go so far as to call them
   harmful, I'd agree that they're mostly useless, unless you're using
   one to make some special point.  Even then, if it's for legal
   purposes, a court will look at almost everything but the signature
   when deciding on its effect.

Courts are not the only imaginable threat model for nonrepudiation of
a sender's message[1].

End-to-end authentication is important for preventing forgery of
conversations between two parties, but of the two ways to accomplish
that -- signatures, where anyone can verify, vs authenticators, where
only the recipient can verify -- signatures work against the sender's
interest with no benefit over authenticators in the vast majority of
private messages.

Unfortunately, OpenPGP doesn't have public-key authenticators -- nor
authenticated encryption, and likewise S/MIME[2] -- so it's kludged up
by an ad hoc composition of signature and encryption that fails to
bind the sender and recipient, which has long been known to enable the
recipient of a private message to resend it for comic effect or
worse[5].


[1] Rob Graham, `Politifact: Yes we can fact check Kaine's email',
Errata Security blog, 2016-10-23.
http://blog.erratasec.com/2016/10/politifact-yes-we-can-fact-check-kaines.html

[2] Except perhaps for static-static DH mode described in RFC 2631[3],
but I've never seen evidence that anyone has ever used it in practice,
and have seen evidence of avoiding it[4].

[3] Eric Rescorla, `Diffie-Hellman Key Agreement Method', RFC 2631,
June 1999.
https://www.ietf.org/rfc/rfc2630.txt

[4] `The following features are lower in priority and are not likely
to be included in version 1.0 [of the Mozilla S/MIME toolkit]: CMS:
Static-static Diffie-Hellman Key Agreement Protocol (SSDH) (RFC2630
12.3.1.1)'
http://www-archive.mozilla.org/projects/security/pki/nss/smime/
[retrieved 2016-11-29]

[5] Don Davis, `Defective Sign & Encrypt in S/MIME, PKCS#7, MOSS, PEM,
PGP, and XML', 2001-05-05.
http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html
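
Added example, not part of the original message: a minimal public-key authenticator built from static-static Diffie-Hellman, the kind of construction the message contrasts with signatures. The key-derivation step, the context label and all function names are assumptions made for this illustration; the group is the 2048-bit MODP group from RFC 3526.

```python
import hashlib
import hmac
import secrets

# 2048-bit MODP group (RFC 3526, group 14), generator 2.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1
29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD
EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245
E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D
C2007CB8 A163BF05 98DA4836 1C55D39A 69163FA8 FD24CF5F
83655D23 DCA3AD96 1C62F356 208552BB 9ED52907 7096966D
670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9
DE2BCBF6 95581718 3995497C EA956AE5 15D22618 98FA0510
15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
NBYTES = (P.bit_length() + 7) // 8


def keypair():
    """Return (private, public) for a long-term (static) DH key."""
    priv = 2 + secrets.randbelow(P - 3)
    return priv, pow(G, priv, P)


def encode_int(n):
    """Fixed-width big-endian encoding so concatenations are unambiguous."""
    return n.to_bytes(NBYTES, "big")


def compute_tag(my_priv, peer_pub, sender_pub, recipient_pub, message):
    """MAC the message under a key derived from the static-static DH secret.

    Sender and recipient public keys are mixed into the key derivation, so
    the tag is bound to this ordered pair of parties (assumed construction).
    """
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("degenerate peer public key")
    shared = pow(peer_pub, my_priv, P)
    context = (b"ssdh-authenticator-example"
               + encode_int(sender_pub) + encode_int(recipient_pub))
    mac_key = hmac.new(encode_int(shared), context, hashlib.sha256).digest()
    return hmac.new(mac_key, message, hashlib.sha256).digest()


def authenticate(sender_priv, sender_pub, recipient_pub, message):
    """Sender side: needs the sender's private key and recipient's public key."""
    return compute_tag(sender_priv, recipient_pub,
                       sender_pub, recipient_pub, message)


def verify(recipient_priv, recipient_pub, sender_pub, message, tag):
    """Recipient side: recompute the tag and compare in constant time."""
    expected = compute_tag(recipient_priv, sender_pub,
                           sender_pub, recipient_pub, message)
    return hmac.compare_digest(expected, tag)


def demo():
    """Run the scenario from the message with constructed sample data."""
    a_priv, a_pub = keypair()   # Alice, the sender
    b_priv, b_pub = keypair()   # Bob, the intended recipient
    c_priv, c_pub = keypair()   # Carol, a third party
    msg = b"constructed sample: lunch at noon?"
    tag = authenticate(a_priv, a_pub, b_pub, msg)
    results = {
        # End-to-end authentication: Bob can check that Alice sent it.
        "bob_accepts": verify(b_priv, b_pub, a_pub, msg, tag),
        "tampered_rejected": not verify(b_priv, b_pub, a_pub, msg + b"!", tag),
        # Sender/recipient binding: the same (msg, tag) presented to Carol
        # as "from Alice" does not verify, unlike naive sign-then-encrypt.
        "resend_to_carol_rejected": not verify(c_priv, c_pub, a_pub, msg, tag),
    }
    # No transferable proof: Bob's own key yields a valid Alice->Bob tag on
    # any text, so a tag convinces Bob and nobody else.
    other = b"constructed sample: text Alice never wrote"
    bob_made = compute_tag(b_priv, a_pub, a_pub, b_pub, other)
    results["recipient_can_produce_tag"] = verify(
        b_priv, b_pub, a_pub, other, bob_made)
    results["same_as_alices"] = (
        bob_made == authenticate(a_priv, a_pub, b_pub, other))
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
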


From holger@merlinux.eu  Tue Dec  6 03:47:10 2016
Return-Path: <holger@merlinux.eu>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A32F12996F for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 03:47:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.897
X-Spam-Level: 
X-Spam-Status: No, score=-4.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-2.896, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=merlinux.eu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kog5QDv9nAE1 for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 03:47:08 -0800 (PST)
Received: from mail.merlinux.eu (mail.merlinux.eu [IPv6:2a01:4f8:c17:b03::2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E376129451 for <openpgp@ietf.org>; Tue,  6 Dec 2016 03:47:08 -0800 (PST)
Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.merlinux.eu (Postfix) with ESMTPSA id A04581004F8; Tue,  6 Dec 2016 11:47:04 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.2.0 mail.merlinux.eu A04581004F8
Authentication-Results: mail.merlinux.eu; dmarc=none header.from=merlinux.eu
Received: by beto (Postfix, from userid 1000) id 6C3DB4231BC; Tue,  6 Dec 2016 12:47:04 +0100 (CET)
Date: Tue, 6 Dec 2016 12:47:04 +0100
From: holger krekel <holger@merlinux.eu>
To: messaging@moderncrypto.org, openpgp@ietf.org
Message-ID: <20161206114704.GR3538@merlinux.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/IFYbJUPI9qb6vkh6g-Wur8geRZU>
Subject: [openpgp] berlin mail encryption meetup Dec 14-18th / INBOME
X-List-Received-Date: Tue, 06 Dec 2016 12:01:16 -0000

Hi all, (cross-post openpgp / messaging),

next week Dec 14-18th a diverse set of programmers, cryptographers and researchers meet to move automatic mail encryption forward.  Their hackathon, unconference and fun hangouts are going to happen at the Onion space in Berlin, see here for more details: https://github.com/mailencrypt/ame2016 .  There still is space.  Also feel free to just drop by in the evenings if you are around Berlin.

The main focus of the 5-day meetup of currently ~15 people is on mail encryption but some are also doing a sub session around federated low-latency messaging on Thursday afternoon, featuring Matthew from matrix.org and Dominic from Scuttlebot.io among likely others.

You'll find within the meeting page this link to a draft doc on "in-band-opportunistic-mail-encryption" (INBOME) https://inbome.readthedocs.org/.  I expect a lot of discussion and clarification on its relation to key servers or Werner's web-key-directory approach.  FWIW my personal INBOME involvement grew from my perception that email providers seem not very inclined to operate "certifying" key servers and that making automatic mail encryption efforts dependent on that may mean it never really happens.

best,
holger


From nobody Tue Dec  6 10:36:42 2016
Return-Path: <iang@iang.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E7E90129A62 for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 10:36:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PA5K-fX5dlBd for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 10:36:32 -0800 (PST)
Received: from virulha.pair.com (virulha.pair.com [209.68.5.166]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B98F129566 for <openpgp@ietf.org>; Tue,  6 Dec 2016 10:36:31 -0800 (PST)
Received: from tormenta.local (iang.org [209.197.106.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by virulha.pair.com (Postfix) with ESMTPSA id 5C2D66D7B8; Tue,  6 Dec 2016 13:36:30 -0500 (EST)
To: openpgp@ietf.org
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz>
From: ianG <iang@iang.org>
Message-ID: <54a2cbfb-70e2-4655-b5bb-3ded94ba3cec@iang.org>
Date: Tue, 6 Dec 2016 13:36:29 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <1480411542920.18425@cs.auckland.ac.nz>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Le2wzbN6x5WsfT64nIBbv4_qHyo>
Subject: [openpgp] Steven Mason's "Electronic Signatures in Law" now in 4th edition and FREE!
X-List-Received-Date: Tue, 06 Dec 2016 18:36:36 -0000

On 29/11/2016 04:25, Peter Gutmann wrote:
> see e.g. Steven
> Mason's excellent "Electronic Signatures in Law").

Just as an aside, the 100 quid ++ excuse to not read Mason's book is now 
gone.  The 4th edition is out, it's free online, in a PDF form.


http://ials.sas.ac.uk/digital/humanities-digital-library/observing-law-ials-open-book-service-law/electronic-signatures
http://financialcryptography.com/mt/archives/001602.html

And you can still purchase the paper versions or Kindle or etc if you're 
a lawyer!

iang


From nobody Tue Dec  6 10:48:52 2016
Return-Path: <iang@iang.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDF22129A98 for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 10:48:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XMh4R-unF9vQ for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 10:48:49 -0800 (PST)
Received: from virulha.pair.com (virulha.pair.com [209.68.5.166]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B1F5129A8F for <openpgp@ietf.org>; Tue,  6 Dec 2016 10:48:49 -0800 (PST)
Received: from tormenta.local (iang.org [209.197.106.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by virulha.pair.com (Postfix) with ESMTPSA id 954CE6D7C8; Tue,  6 Dec 2016 13:48:48 -0500 (EST)
To: openpgp@ietf.org
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz>
From: ianG <iang@iang.org>
Message-ID: <f84121d0-d1d7-3f7f-ab5b-48643bfe0ee3@iang.org>
Date: Tue, 6 Dec 2016 13:48:47 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <1480411542920.18425@cs.auckland.ac.nz>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/SUo43L6mtu6n6Pv4YauEgdyfL1M>
Subject: Re: [openpgp] [messaging] On Signed-Only Mails
X-List-Received-Date: Tue, 06 Dec 2016 18:48:50 -0000

On 29/11/2016 04:25, Peter Gutmann wrote:
> Vincent Breitmoser <look@my.amazin.horse> writes:
>
>> In some more detail:
>> https://k9mail.github.io/2016/11/24/OpenPGP-Considerations-Part-I.html
>>
>> [...] Signed-Only Mails are Useless [...]
>
> Yup, and it's for exactly the reasons given there that the S/MIME WG decided
> many years ago not to sign messages sent to the list.  Courts, similarly, rule
> on the intent of the signer, not some attached bag of bits (see e.g. Steven
> Mason's excellent "Electronic Signatures in Law").  So while I wouldn't go so
> far as to call them harmful, I'd agree that they're mostly useless, unless
> you're using one to make some special point.


Which gets more to the point - the problem with digital signatures is 
that they mean different things to different people.  Just the crypto 
alone cannot solve that problem.  What is needed is a framework that 
states the meaning of the signature in human terms in a clear way.

This hasn't really been done to my knowledge.  CAs like CAcert have gone 
a long way towards establishing one meaning of a signature.  But the 
"one meaning" thing has also been insufficient;  we really need many 
meanings, and that needs more work.

Bringing it back to the topic, what we are really saying is that 
"signed-only mails will be useless without some context" and in the 
contrary where emails are signed and encrypted, we are actually 
providing some context by implication:  the signature is for 
authentication of the mail sender / key, which is a security statement 
not a legal statement, as is stressed by the inclusion of encryption;... 
  and therefore we can presume that the signature is not for legal 
purposes.  Note that it's still a presumption based on custom not statement.

To put that another way around - when we just do signed emails, are we 
doing an authentication (security) statement or are we intending a legal 
(signing) statement?  It's not clear.  We might be clearer by saying 
that plaintext sigs are more legal and binary ones are more 
authentication, but that's not backed up by any custom or anything.


> Even then, if it's for legal
> purposes, a court will look at almost everything but the signature when
> deciding on its effect.


Right, and now we have the problem that a digsig probably is a lousy 
legal signature anyway, if used without any context.  But does that make 
it not a legal signature?  No.

The closer statement might be:  "signatures don't make their purpose 
clear, and therefore they are often so confusing as to be useless."



iang


From nobody Tue Dec  6 17:41:08 2016
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4132D1293EE for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 17:41:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level: 
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mo3GLGIdFbR9 for <openpgp@ietfa.amsl.com>; Tue,  6 Dec 2016 17:41:04 -0800 (PST)
Received: from mail-wm0-x236.google.com (mail-wm0-x236.google.com [IPv6:2a00:1450:400c:c09::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 690BB129630 for <openpgp@ietf.org>; Tue,  6 Dec 2016 17:41:02 -0800 (PST)
Received: by mail-wm0-x236.google.com with SMTP id g23so148966942wme.1 for <openpgp@ietf.org>; Tue, 06 Dec 2016 17:41:02 -0800 (PST)
X-Received: by 10.28.72.198 with SMTP id v189mr234387wma.13.1481074860848; Tue, 06 Dec 2016 17:41:00 -0800 (PST)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.194.83.101 with HTTP; Tue, 6 Dec 2016 17:40:59 -0800 (PST)
In-Reply-To: <f84121d0-d1d7-3f7f-ab5b-48643bfe0ee3@iang.org>
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz> <f84121d0-d1d7-3f7f-ab5b-48643bfe0ee3@iang.org>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Tue, 6 Dec 2016 20:40:59 -0500
X-Google-Sender-Auth: IkFSfqSyXxCYBNlMg8gyi9uUsaM
Message-ID: <CAMm+LwhiNzHa=f2Vv_sgdL7BAM5ToZmEBF+C0NPadxuMbYQG1Q@mail.gmail.com>
To: ianG <iang@iang.org>
Content-Type: multipart/alternative; boundary=001a114b32bcf77a790543079cb0
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/bpMdDMtpOmS7zQQIzIj4RUtHxPI>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] [messaging] On Signed-Only Mails
X-List-Received-Date: Wed, 07 Dec 2016 01:41:06 -0000

--001a114b32bcf77a790543079cb0
Content-Type: text/plain; charset=UTF-8

There is actually an extensive literature on what digital signatures mean
from a legal point of view. The ABA has been working on that for decades.
Digital signatures are merely a form of electronic signature. And in the US
at least anything that is intended to have the effect of a signature is a
signature for legal purposes.

If you are going to raise legal issues as a reason to do something then go
study what the law actually is. It really isn't hard even in US common law.
It is even simpler in continental law systems.

The problem of digital signatures creating unintended contracts simply does
not exist. Lawyers thought through those issues in the 1990s.


The reason you need signatures in electronic mail is that there is no way I
am going to let encrypted mail through my spam filter without a signature
from someone I trust. Take out the authentication function and the
encryption function fails.

--001a114b32bcf77a790543079cb0--


From nobody Sat Dec 10 20:08:35 2016
Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45028129496 for <openpgp@ietfa.amsl.com>; Sat, 10 Dec 2016 20:08:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.337
X-Spam-Level: 
X-Spam-Status: No, score=-2.337 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FDMx0-EAi4m5 for <openpgp@ietfa.amsl.com>; Sat, 10 Dec 2016 20:08:32 -0800 (PST)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 141E5129449 for <openpgp@ietf.org>; Sat, 10 Dec 2016 20:08:31 -0800 (PST)
Received: by mail-wm0-x235.google.com with SMTP id f82so21851199wmf.1 for <openpgp@ietf.org>; Sat, 10 Dec 2016 20:08:31 -0800 (PST)
X-Received: by 10.28.218.129 with SMTP id r123mr3880591wmg.137.1481429310302;  Sat, 10 Dec 2016 20:08:30 -0800 (PST)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.194.83.101 with HTTP; Sat, 10 Dec 2016 20:08:29 -0800 (PST)
In-Reply-To: <54a2cbfb-70e2-4655-b5bb-3ded94ba3cec@iang.org>
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz> <54a2cbfb-70e2-4655-b5bb-3ded94ba3cec@iang.org>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Sat, 10 Dec 2016 23:08:29 -0500
X-Google-Sender-Auth: vd2oN-juNJ_T5cC_rK49YLmDT6E
Message-ID: <CAMm+Lwiq7GhwE1pc+vF1Dgvb5TbEFYoJMCjuS1hr685AfM1k8A@mail.gmail.com>
To: ianG <iang@iang.org>
Content-Type: multipart/alternative; boundary=001a114697bcccf1cd05435a236e
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ibnD5yma-E4-JvjWjL3CHn_ceGc>
Cc: IETF OpenPGP <openpgp@ietf.org>
Subject: Re: [openpgp] Steven Mason's "Electronic Signatures in Law" now in 4th edition and FREE!
X-List-Received-Date: Sun, 11 Dec 2016 04:08:34 -0000

--001a114697bcccf1cd05435a236e
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Tue, Dec 6, 2016 at 1:36 PM, ianG <iang@iang.org> wrote:

> On 29/11/2016 04:25, Peter Gutmann wrote:
>
>> see e.g. Steven
>> Mason's excellent "Electronic Signatures in Law").
>>
>
> Just as an aside, the 100 quid ++ excuse to not read Mason's book is now
> gone.  The 4th edition is out, it's free online, in a PDF form.
>
>
> http://ials.sas.ac.uk/digital/humanities-digital-library/observing-law-ials-open-book-service-law/electronic-signatures
> http://financialcryptography.com/mt/archives/001602.html
>
> And you can still purchase the paper versions or Kindle or etc if you're a
> lawyer!
>

Which would appear to remove the argument that we should avoid digital
signatures because they are too difficult. It really isn't that difficult
to see that the digital signature does not make the legal position any
worse than it is with regular email and could if correctly applied make
things a lot better.

What we are really talking about here is not merely the creation of an
autography but the performance of an intentional act of signing.

I don't think that a regular email application or for that matter any
general purpose communication mechanism should be used for that purpose.
Rather, intent to sign should be expressed through a separate application
and a key that is specific for that purpose.

--001a114697bcccf1cd05435a236e--


From nobody Mon Dec 19 11:08:54 2016
MIME-Version: 1.0
Date: Mon, 19 Dec 2016 14:08:49 -0500
To: "openpgp" <openpgp@ietf.org>
From: vedaal@nym.hush.com
In-Reply-To: <CAMm+Lwiq7GhwE1pc+vF1Dgvb5TbEFYoJMCjuS1hr685AfM1k8A@mail.gmail.com>
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz> <54a2cbfb-70e2-4655-b5bb-3ded94ba3cec@iang.org> <CAMm+Lwiq7GhwE1pc+vF1Dgvb5TbEFYoJMCjuS1hr685AfM1k8A@mail.gmail.com> 
Content-Type: multipart/alternative; boundary="=_977a0e98e8f92e6a6b32c87172aa4e8c"
Message-Id: <20161219190850.0163E40630@smtp.hushmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/p0FHTbp87cFsH6h4vY7yJwAMhJo>
Subject: Re: [openpgp] Steven Mason's "Electronic Signatures in Law" now in 4th edition and FREE!

--=_977a0e98e8f92e6a6b32c87172aa4e8c
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"



On 12/10/2016 at 11:08 PM, "Phillip Hallam-Baker" wrote:
> Which would appear to remove the argument that we should avoid
> digital signatures because they are too difficult. It really isn't
> that difficult to see that the digital signature does not make the
> legal position any worse than it is with regular email and could if
> correctly applied make things a lot better.
>
> What we are really talking about here is not merely the creation of an
> autography but the performance of an intentional act of signing.
>
> I don't think that a regular email application or for that matter any
> general purpose communication mechanism should be used for that
> purpose. Rather, intent to sign should be expressed through a separate
> application and a key that is specific for that purpose.

=====

There is a commercial product called Docusign 
https://www.docusign.com/

I'm not familiar with the specifics, but it seems not to have done
away with the central issue, of trusting that the signer is the real
person whose name is being signed, just as an open-pgp signature is
not trusted unless one trusts that the signing key belongs to the
person of that name.

Just as anyone can create a pgp signing key with any name, anyone
(with the proper personal information) can create a Docusign
key/certificate.

vedaal

--=_977a0e98e8f92e6a6b32c87172aa4e8c--

