Reply to post: Email transport is insecure

In non-startling news, EFF says STARTTLS email crypto is mostly done wrong

Brian Scott

Email transport is insecure

Get over it and move on.

The only secure way to communicate via email is with end to end encryption using something like pgp.

The fundamental problem with starttls is that if the certificate on the other end fails for some reason then it can 1) use it anyway, 2) downgrade to non-encrypted, or 3) bounce the email back to the sender. Number 3 is pretty unfriendly for the average user to work around. Number 2 is just stupid because the connection may be legitimate but with a self-signed certificate (or expired, wrong name, whatever) and the encryption would still defeat anyone listening to the connection. Alternative number 1 wins by default.

DANE is good (provided you can use DNSSEC to authenticate it) but support is crap. Also, because of the multi-hop nature of email it is still only protecting an individual hop (although that is probably enough for uncomplicated email these days). Fake headers could be added by anyone along the way claiming encryption when it isn't used (why you would is beyond me if you can fiddle the headers then you already have access to the content).

However, all this is solved if your email client encrypts the message in a way that it can't be decrypted until the destination email client decrypts it. The worst that an adversary can do is stop the email from being delivered. This is something that already happens regularly with over zealous spam checkers so is now an inherent problem with email anyway.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2021