[6843] in cryptography@c2.net mail archive
ZixMail Replies
daemon@ATHENA.MIT.EDU (Paul Holman)
Fri Mar 24 19:13:24 2000
Mime-Version: 1.0
Message-Id: <v04220801b501aa25903e@[10.1.9.126]>
Date: Fri, 24 Mar 2000 16:06:29 -0800
To: David Cook <dcook@zixit.com>, Ron Woessner <rwoessner@zixit.com>
From: Paul Holman <pablos@shmoo.com>
Cc: tsg@shmoo.com, cryptography@c2.net, cypherpunks@toad.com,
pgp-users@cryptorights.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David, thanks for your reply. I've posted the message below,
including your full reply to help clarify things. I'm certainly
encouraged to hear that you've eliminated key escrow from your
product. The single most important change you could make.

I hope you understand that we'll continue to be critical of ZixMail
and other technologies which claim to be security solutions, but do
so in a proprietary manner. While I appreciate your efforts to make
email encryption more accessible and easy to use, there are a number
of significant drawbacks to consider. First, this creates factions
in the user base. Email encryption is much like email itself. It is
really only useful if both people's systems can "talk" to each other.
Maybe you remember when online services were popular. If you were on
AOL, you could email others on AOL, but not those on Compuserve.
Eventually, the value of connecting the two is realized, and you have
to integrate the lowest common denominator between systems. This is
a sad process that ultimately will hurt the cause of email security.

The existing standards (S/MIME & PGP) leave a lot to be desired in
functionality, and the current implementations lack in usability.
However, I would encourage you to consider building on these
standards. Allow me to use PGP to secure my email to ZixMail users.

The cryptography community has learned a great deal about the value
of open source. Sharing algorithms and protocols for peer review has
made them strong and predictable. This has been proven time and
again as proprietary implementations are broken, often publicly. In
all likelihood, you're benefiting from this approach, and have chosen
RSA or DH/DSS for your public key ciphers. This may give you
quantifiable confidence in your work, but you're asking your users to
trust you and your implementation of these ciphers. Our view is that
what is publicly known can be trusted, that you should pass the code
on to your customers, so they can see for themselves how secure it
is, as the cryptographers you're relying on have done for you.

Thanks for listening, I think you'll find there is a large community
of security professionals who are willing to embrace a service such
as ZixMail for its added value. At the same time, we're leery of
people exploiting security technologies for profit which don't
contribute to the common good.

Paul Holman

My posting to cryptography@c2.net, cypherpunks@toad.com,
pgp-users@cryptorights.org and <http://www.shmoo.com> follows:

Yesterday, we reported that ZixMail <http://www.zixmail.com>
incorporated key escrow. Today I got an email message from the CEO
of ZixIt Corporation <http://www.zixit.com>, David Cook, claiming that
is no longer the case:

>I wanted to address the "key escrow" issue that you have raised regarding
>ZixMail.
>
>The quote that you reference was from last July - when the escrow was
>required for "hard" encryption. That requirement was eliminated in December
>- and we do not keep an escrow of any kind.
>
>I would like to invite you to come to Dallas and visit our data center. I
>will personally walk you through the system design, etc...
>
>Let me know if you are interested in coming to Dallas.
>
>Thanks
>
>David Cook (CEO)
>ZixIt Corporation

My efforts to contact ZixMail about this yesterday failed, and I
apologize for the outdated information. Hopefully they're working on
replies to our other advice:

- Open source their (crypto) code
- Embrace at least one of the existing standards for
  encrypted email (PGP &/or S/MIME).

- --
Paul Holman
Special Agent
The Shmoo Group
<http://www.shmoo.com/>
pablos@shmoo.com
<http://www.shmoo.com/~pablos/>
PGP fingerprint: CFBF CC8D 7BC8 FDE3 74BD
9DB0 88E6 B201 3F5A B569
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.2
Comment: The magic words are squeamish ossifrage.
iQA/AwUBONwDIYjmsgE/WrVpEQLlbACgqJoCNZ9WS9GbfDc8gw8EwUbo8+IAnjeB
XFG2t0HwS5pT+QROnYUQQ8WJ
=XK6U
-----END PGP SIGNATURE-----