E-Mail Clients That Support X.509 Digital IDs? 113
"I have already checked a previous Ask Slashdot on this, as the title would suggest being close, but it seems to be more about sending anonymous e-mail through a secure POP/SMTP connection for an ISP which is a tad different and a tad more complicated than my needs.
In my particular case, I have this Digital ID that confirms that any mail a recipient gets is actually sent from me. The way it works, every time I send mail, it pops up a dialog and asks for my password. After confirmation, it encrypts the contents and attaches a security certificate that the recipient can view to confirm authenticity. In this way, even someone on my machine can't send mail as me. The certificate allows me to encrypt mail also, so only people that have my specific key can read it. It has several other useful features as well. (Here's a quick FAQ link)
I have to do this because, at work, I deal with about 100 developers that live in an unnamed former Soviet bloc country, and are QUITE security concious. The Verisign DigitalID allows them to be sure that the mail they are getting comes from me. It's quite cool, and I would LOVE to have this capability in Linux. Unfortunately, there seem to be no solutions to this problem, at least none that are obvious."
Danger Will Robinson (Score:1)
Re:Your security isn't secure (Score:1)
OK, Outlook Express (Score:1)
Sorry, Pronto, not PMail (Score:1)
Mail programs to support multiple accounts (Score:1)
Re:Give a me break .. (Score:1)
X.509 as open and secure as PGP (Score:1)
All of the people involved in developing these standards are "techno-geeks" who really know and care about security. The cryptography and protocols used in X.509 PKI are as strong as anything else out there. If you're really untrusting and paranoid, then you don't have to trust any other CAs, you can run your own.
open-source crypto toolkit (Score:1)
It runs on every platform that Mozilla does: Windows, Linux, Solaris, HP, AIX...even Mac!
Re:If Lotus Notes is an option, run it under WINE (Score:1)
Re:If Lotus Notes is an option, run it under WINE (Score:1)
Re:If Lotus Notes is an option, run it under WINE (Score:1)
Calendering might be annoying too but it some ways it would be better.
Calendering might be annoying via the HTML interface but in some ways they could improve it over the current Notes client interface.
Protected Authenticated Path (Score:1)
If your smartcard reader has a so called protected authenticated path ( a pin pad or a fingerprint reader), the pin or the biometric info will _never _ enter your computer. And voila, you are protected against evil programs like back orifice!
Take a look at precisebiometrics [precisebiometrics.se]
The PKCS#11 standard: www.rsalabs.com
A pin pad solution that provides protected authnticated path: www.accessgear.com
Re:Netscape, openssl (Score:1)
Feel free to lend a hand.
--
Re:establishing trust without verisign (Score:1)
Try SwissSign [swisssign.com] for free X.509 certs and server certs.
Re:You're getting ahead of yourself (Score:1)
Why not simply use PGP? (Score:1)
Re:Why not simply use PGP? (Score:1)
SMIME? (Score:1)
The SSL plugin for Mozilla may add S/MIME support for this task too. Otherwise there's aways openssl on the command like and mutt
Phill
Re:x.509, S/MIME, OpenSSL and Pine (Score:1)
In the bit about importing the X.509 certificate after you export it from Netscape in pkcs12 format, the command for importing it should read: "openssl pkcs12 -in netscape.p12 -out temp.certs".
That little typo of "-i" rather than "-in" is a touch embarassing.
Flamer Living in a Straw House (Score:1)
If there are people who have your private key, you're in a world of trouble, my friend. They could then decrypt anything that was encrypted with your public key (intended for you). Private keys are exactly that, private. I suggest you do some reading.
Re:SMIME? (Score:1)
Re:Why not simply use PGP? (Score:1)
As the original author is stating, the ex-soviets are security conscious too, so he should get their certs from some directory service (or, if using Messanger, included in every signed mail) and encrypt with S/MIME directly.
Re:establishing trust without verisign (Score:1)
Because clicking on sign&encrypt in Netscape is so much simpler.
Re:Netscape PKCS-11 and Microsoft CSP (Score:1)
VeriSign will give you a X.509 Cert (possibly in a PKCS#7 [rsasecurity.com] Message Format).
VeriSign might deliver Certs on SmartCard-like token, which are accessed from Netscape via a PKCS#11 compliant driver.
Re:You're getting ahead of yourself (Score:1)
Re:I think it should be email (Score:1)
Punctuation is your friend. Embrace it.
or
Punctuation is your friend; embrace it.
Re:Who hyphenates email anymore? (Score:1)
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Re:establishing trust without verisign (Score:1)
I only pay for things which have value.
Re:Flamer Living in a Straw House (Score:1)
Right, only people with his private key can read it. As the only person is him, only he can read it. What's the problem?
Re:You're getting ahead of yourself (Score:1)
Its written in perl, and uses the GTK bindings, so you may have to download a few things to get it to work, but the install script takes care of this for you.
Re:You sound like a corn-fed windows cow (sorry) (Score:1)
Other email programs (Score:1)
http://www.verisign.com/client/enrollment/diff_
From the 'Asker'... (Score:1)
Anyway, my original intent with my question was to find an email client, in Linux, that worked with a standard verisign digital id, much like it's handled by outlook in windows.
In the 'new world' of Linux, we need a quick and easy way to prove our identities...I don't want to have to lose functionality to gain one advantage (ie, using a console mail app and losing rules/filters/multiple accounts, etc...).
Thanks for your input, and I will keep you up-to-date (thats for the hyphen people below) on my search.
thanks again. cya!
establishing trust without verisign (Score:1)
So what's wrong with calling your coworker with a message (EG "I like green tea") and encrypting that message with your private key (using gpg or pgp), and putting your public key up on the web (giving the URL to the public key over the phone) or putting your public key on the keyservers?
Then if your overseas coworker can decrypt the message and get the correct text they learned of on the phone... it would seem this would go a good ways toward establishing trust.
Sure, someone could snoop the overseas call and send the same message encrypted with their own private key, but they'd have a hard time taking down your website (which has the public key) and replacing it with their own (which would then hold the attacker's public key) without you noticing and calling back your coworker.
I tend to like high tech solutions like verisign, but if I have to pay for a key, I'll look more closely at the free solutions first.
Re:You're getting ahead of yourself (Score:1)
I'm at work so don't have the url, but you can find it at freshmeat.
The how and why of S/MIME and PGP/MIME (Score:1)
Why don't people develop an email client that supports S/MIME or PGP/MIME for Linux? The crypto toolkits. It's that simple. The tools are really complex, involve math that most people aren't familiar with, and invlove security, so if you don't do it just right, it might be insecure.
Don't even think about using a third party toolkit for a linux app (unless you want to make the app non-open source). You would go bankrupt 100x over if you tried that. They are absurdly expensive for the most part (both the PGP kits from Network Associates, and the RSA kits and so on). I'm not over familiar with what might be available already open source, but I would be extremely surprised to find an open source toolkit that handled all of the neccessary algorithms and encodings.
Not long ago, you couldn't use the RSA alg without paying royalties to RSA (of course you can now). That severely limited what you could do with open source RSA based algs. You also had the problem of export controls and ITAR etc. Just ask Phil Z. why this is a pain in the ass. So until just recently it would have been almost absurd to support S/MIME on open source. (Being as you would have had to pay RSA royalties on each copy of your free toolkit, and then get commerce department approval to export your toolkit (i.e. put it on the internet for general consumption) if you are in the US).
Even today, if you want to develop an S/MIME client for linux, you will still need to write a good toolkit that handles all of the cryptography algorithms as well as the encoding/decoding of ASN.1 data (and other data formats if you are using PGP/MIME). Your toolkit must be open source (well at least it seems like it SHOULD be anyway), it must be secure (i.e. good PRN generators, zero out used memory, take advantage of cryptographic hardware if it is there, etc.), and it is going to take a heck of a long time to write.
Now, when you are all done with the toolkit, then you can integrate it into an email client, with all of the UI that that may or may not require. All for a feature that almost nobody will use, and for functionality that you could have gotten (for the most part) using PGP and a little extra work.
I think security is "a good thing", but today very, very few people use it, and most people simply don't care about security. Partially becuase it is so complex to do and to use properly, partially because most people just don't see the need for it in their day to day lives. Even in the simplest implementations, security makes exchanging email more complex because both parties must first create keypairs (and certs if using many protocols), and then somehow exchange them.
Don't get me wrong, I think that email clients with built in security (such as S/MIME or PGP/MIME) can be a very nice thing, but I'd say that at this point they probably aren't worth the effort on Linux.
NOTE: Why was it (relatively) easy in windows? The cryptography API that is part of windows. It has (more than) its share of flaws, but you can work around all of them that get in the way, it's free, and it's guaranteed to be on every windows box out there (excepting Win 3.x). Say what you want about M$ (I am not a big fan), but the gazillion APIs in the OS do make it easy for developers to add new features to existing apps in a relatively small amount of time (assuming that the API works and/or is documented). (I know, I know. The same can be said of open source, assuming that what you want is out there already). If my work had been targeting UNIX platforms instead, we would have had to have licensed a toolkit from RSA probably, and that would have cost us at least a quarter million, whereas the M$ stuff was free.
Eric Klein
Re:Who hyphenates e-mail anymore? (Score:1)
About the only counter example I can think of is x-ray which I have seen spelled xray.
Re:establishing trust without verisign (Score:1)
Instead of doing this phrase thing, if you can call the guy, why don't you just have him read you your public key aloud, and you can look at it while he talks and make sure it is the same (or vice versa) ?
Printing out the key and mailing it to him works great also. (A floppy disk or anything else to attract attention to the envelope may be a had idea for Russian mail.)
Those are X.509 certs. (Score:1)
--
Re:Beonex and Netscape (Score:1)
Re:Beonex and Netscape (Score:1)
Re:establishing trust without verisign (Score:1)
Re:Danger Will Robinson (Score:1)
Kinda off topic, but you just gave me a great idea (Score:1)
GemSafe Workstation deals with another dimension of this problem - it wraps Netscape's PKCS11 and IE's CSP functionality and enables the browsers and e-mail applications to store their x.509 certificates on a SmartCard.
Not having the certs ever stored on a hard drive is something of an appealing idea, seeing as it gives you both mobility and an added level of authenticity, since there's only one copy of your private key in existence - and it happens to be protected by hardware encryption on a self-locknig pin-protected card.
Here's the deal, though - GemSafe workstations only runs on Winblows systems at the moment.
A few guys on our team, or elsewhere in the Gemplus Linux group have adapted some of the GemSafe functionality to linux - the pam-with-smartcard smart-login to machines, ssh-from-a-smartcard type stuff, but we've never adapted our own PKCS-11...
What a great idea! I'm bringing it up at this afternoon's meeting, I just wanted to thank you for the idea, and see if anyone else has any additionals input to offer. :)
Monstre.
LinuxChicks of http://www.gemplus.com
gila.sheftel@gemplus.com
Re:Poll: Most offensive USIan epithet (Score:1)
Re:Only one I know of. (Score:1)
One thing I'm sick and tired of hearing is the neverending chorus of PGP (GPG) users exclaiming why don't you just use PGP? Face it people, if this guy can't figure out that netscape messanger will solve his problem under linux then he's going to have a hell of a time with PGP. And since 99% of users are generally cluefree concerning matters of encryption the chance that his correspsondents also no nothing about PGP is fairly high.
Shite.
Re:From the 'Asker'... (Score:1)
Now Netscape likes its certs in PKCS12 format, so you may need to use openssl to do the conversion
openssl pkcs12 -in cert_from_verisign -inkey your_private_key -out something.p12 -export
should do it.
It's probably not a good idea to use PGP because 90% of e-mail users on this planet use M$ Outlook which only supports S/MIME and the point of e-mail is to be able to send it to and receive it from other people.
welllllll.... (Score:1)
No. But I think that I know that we do have a VeriSign compliant secure e-mail program in Linux...
And if we do, where the heck is it?
http://www.netscape.com [netscape.com]
Options... (Score:1)
Also, check out Mutt at http://www.mutt.org [mutt.org] for a secure application.
Re:You're getting ahead of yourself (Score:1)
Re:You're getting ahead of yourself (Score:1)
bzzt yourself (Score:1)
I was quoting him and fixing his terminology.
Attaching a certificate to a message doesnt prove the person wrote that message. A signature does.
The certificate is supposed to help you ensure that the public key used to check the signature belongd to the person you think it does.
read better
Re:You're getting ahead of yourself (Score:1)
Standards (Score:1)
--
PIMP (Score:1)
Netscape PKCS-11 and Microsoft CSP (Score:1)
Also, take a look at some of the cool devices you can use to carry your certificates in. They are very inexpensive these days and you can use them on almost any platform and take them with you! Check out http://www.ibutton.com/pki.html [ibutton.com]. These things rock! I just bought one!
-Pat
Re:Who hyphenates e-mail anymore? (Score:1)
YOU are forgetting the question... (Score:1)
Netscape... (Score:1)
supportting multiple accounts- not Outlook (Score:1)
Re:Give a me break .. (Score:1)
Re:Give a me break .. (Score:1)
Re:Danger Will Robinson (Score:1)
Re:Your security isn't secure (Score:1)
You say that it couldn't be you, because you always use encryption for everything you do? Convenient excuse. Hard to use that certificate on that computer in the office from the unemployment line.
Point is that unless you live in a tank you're not even going to be 99% safe. Heck, even then, give enough Vodka to some guy name Lenin and his wife and years later you end up with a kid with whole lot of tanks that'll take your keys and give you to guys with enough bamboo sticks to make you shout your keyphrase 5 times a minute.
Re:Give a me break .. (Score:1)
Re:The how and why of S/MIME and PGP/MIME (Score:1)
Although in general usage the word "security" has a range of meanings, when we talk about it in this context, we are mostly referring to the following:
- encryption, to protect a communication against disclosure to other than intended recipients
- signing, to "guarantee" the identity of the sender and to provide for non-repudiation of the message (I can prove that you sent the message, and that it hasn't be tampered with)
So PGP is a good solution for encryption, but would require a deal more before it could be used for non-repudiation. For example, there is a PGP key pair for Patrick Keogh. I assert that I am Patrick Keogh, and indeed the same Patrick Keogh, but the reader would be foolish indeed to assume that any message that comes PGP-signed by Patrick Keogh is written by this
All of that "bureaucratic" stuff that you get with X.509 and an appropriate X.500 infrastructure (RAs, CAs, paying for stuff etc. etc. etc.) end up being necessary if you want a general and flexible "security" solution for electronic transactions. And that's not all
I guess in summary, it is like anything else, the devil is in the detail. Doing e-business security without a really good idea of what you're trying to achieve, and what the pitfalls are, is like do it yourself brain surgery.
Re:establishing trust without verisign (Score:1)
Re:Who hyphenates e-mail anymore? (Score:1)
The X in TeX is some greek letter, chi I think, hence the unusual pronunciation.
Re:Who hyphenates e-mail anymore? (Score:2)
Personally, I use e-mail and email interchangeably, depending on the "tone" of the sentence. If I was a man-eating space alien, I'd spell human "hu-man."
Gnus (Score:2)
Only one I know of. (Score:2)
Re:x.509, S/MIME, and OpenSSL (Score:2)
project on SourceForge to do just this - make it easy to integrate S/MIME and other mail encryption capabilities to MUAs.
Feel free to lend a hand.
--
Re:x.509, S/MIME, OpenSSL and Pine (Score:2)
This only works for UNIX/Linux, it assumes that you have OpenSSL installed in
Do these things (and do 'em the way I did 'em) and you'll end up with a Pine that can send S/MIME signed messages, and S/MIME signed+encrypted messages. As for decoding messages, for the moment, export them to a file, strip off the mail headers, and manually decrypt them with openssl. More directions on that later in the post.
- Fire up Netscape or Internet Explorer. My Mozilla nightly from 01/09/2001 couldn't handle this.
- Go to www.thawte.com and sign up for their FreeMail service. You'll end up with a valid, signed by a known CA X.509 certificate.
- When the process of creating your certificate with Thawte asks what kind of certificate you want, choose "Netscape".
- You'll go through a song and dance with Thawte, eventually, you'll have the option to import your X.509 certificate into Netscape. Do it.
- Once the X.509 cert is imported into Netscape, bring up the Security Info window, click into the box to look at "Your Certs", and export your FreeMail cert to a file.
- Use OpenSSL to get the cert out of the pkcs12 format that Netscape saved it in. If you saved the X.509 cert as "netscape.p12" something like.. "/usr/local/ssl/bin/openssl pkcs12 -i netscape.p12 -out temp.certs" would be a good command to try.
- Break the temp.certs file into four parts
* Private Key [save as private.cert]
* Thawte FreeMail Key [save as thawte.cert]
* Thawte Root CA Key [don't save, just toss it]
* Public Key (the one with your email addy) [save as public.cert]
In temp.certs you should see the Private Key first, then the Thawte FreeMail Key, then Thawte Root CA, and finally your Public Key.
- chmod *.cert to something safe. -r-------- might be good.
- Make a
- Su up to root.
- Create a shell script named smime-sign.sh in
- Create a shell script named smime-sign+enc.sh in
- Log out of root.
- Fire up Pine, go into Setup, then Configure.
- Find the "sending-filters" option.
- Create a sending filter that reads "/usr/local/bin/smime-sign+enc.sh _TMPFILE_ _RECIPIENTS_"
- Create another sending filter that reads "/usr/local/bin/smime-sign.sh _TMPFILE_"
- And done!
- Note, you *must* put the public keys of anyone you want to send email to into files in the
- Note, these scripts have only been tested on SuSE Linux 6.4, and I have nasty idea that
- Note, you can only send encrypted email to one person at a time using the smime-sign+enc.sh script. If anyone wants to fix that, feel free.
- Decrypting mail that was sent to you encrypted would use a command something like this (if you exported the email to temp.crypt): "openssl smime -decrypt -in temp.crypt -inkey
- For notes on verifying mail that was sent to you, try www.kfu.com/~nsayer/encryption/openssl.html and look near the bottom of the page.
Scripts:
smime-sign.sh
#!/bin/sh
user=`whoami`
tmpfile="$1"
certdir="/home/$user/.ssl"
sslbin="/usr/local/ssl/bin"
$sslbin/openssl smime -sign -inkey $certdir/private.cert -signer $certdir/public.cert -certfile $certdir/thawte.cert -in $tmpfile > $tempfile.signed
mv $tmpfile.signed $tmpfile
exit 0
--
smime-sign+enc.sh
#!/bin/sh
tmpfile="$1"
if [ ! $# = 2 ]; then
rm $tmpfile
exit 1
fi
user=`whoami`
certdir="/home/$user/.ssl"
sslbin="/usr/local/ssl/bin"
error=0
recipients=`echo $* | sed "s,$tmpfile,,g"`
recipentcerts=`for r in $recipients; do
cd $certdir
grep -l $r *
if [ $? = 1 ]; then
return 1
fi
done`
if [ $? = 1 ]; then
rm $tmpfile
exit 1
fi
$sslbin/openssl smime -sign -inkey $certdir/private.cert -signer $certdir/public.cert -certfile $certdir/thawte.cert -in $tmpfile | $sslbin/openssl smime -encrypt $certdir/$recipientcerts > $tmpfile.signed
mv $tmpfile.signed $tempfile
exit 0
Please consider all code to be firmly under the GPL v2 license. (www.gnu.org/copyleft/gpl.html)
Notes: I only gave this brief testing - there may be a few bugs, particularly in the error handling.
That's all folks!
You can email glorian@eudoramail.com with questions, compliments, praise, etc, but I don't promise replies.
Re:You sound like a corn-fed windows cow (sorry) (Score:2)
Not correct AFAIK--any link in the chain may be compromised, calling into question the validity of any key below it. This is one of the many problems with PKI (in the specific sense that term is often used, not in the general sense), and is why I prefer PGP, which has the same problem (as any public-key structure must), but handles it better.
Re: You're forgetting the philosophy (Score:2)
Well, If you're a singular entity in a singular domain. I'm not. I have accounts in multiple domains. Each domain resides in an entirely separate sphere of influence. For profession reasons my email should originate from the appropriate domain. For privacy reasons no-one needs my personal email address.
It would be nice to not have to log in to each domain for email, but use a central client. Besides, if a client can log into one SMTP server, why not two or three or
Surely I'm not the only one with this problem.
Re:You're getting ahead of yourself (Score:2)
Ummm... have you actually tried this? Its possible with much fiddling with filters to get KMail to reply through the appropriate domain, but you cannot arbitrarily send through a specific domain. Neither does it support "POP before relay"
and no, multiple accounts are not the feature he's looking for, so he's in pace and your'e shooting high.
It seems that any client that can already connect to one server could surely connect to more than one. That doesn't sound like a very high aim to me.
You're getting ahead of yourself (Score:2)
How about a client that simply supports multiple accounts and SMTP servers first?
Of all the clients I've been able to test, some allow you to receive mail from multiple accounts, but none support sending through these accounts. Its always pick one, and only one, SMTP server. What's up with that?
Re:You're getting ahead of yourself (Score:2)
OK, I didn't see that - I'll try it. KMail's in bad need of more documentation
Neither does it support "POP before relay"
What exactly is that and why is it useful?
It is a user verification method that requires one to POP the mail server (check for mail) for authentication prior to using the SMTP server.
This must happen in sequence.
Re:You're getting ahead of yourself (Score:2)
setup seperate
--
PGP can do heirarchial authentication too (Score:2)
All members have their trust flagged to trust all keys signed by the organization-signing key for their organization. They also get their own key signed by the organization key.
By some configuration of how PGP calculates trust, you can put in transitiveness to make organizations trust other organizations. (For example, all are automatically marked to trust any keys signed by keys signed by the 'master organization'-signing key.
True, PGP is not intended for this. One problem is that the key trust is transitive. I trust you who trusts someone elses key who trusts
(So, an organization's master key can be flagged to not spread trust too far. You can also have cross-organizational trusting, and finally, one key may be a member of more than one trust heirarchy. (For cross-organizational groups.)
If Lotus Notes is an option, run it under WINE (Score:2)
Works great.
Idea (Score:2)
find out that seems to be 2 words - PGP
users and X.509 users. Both have some
mechanism within but no way to communicate
securely with another world.
So, here is idea: somebody could establish
service, which will forward email messages,
signed with PGP re-signing it with X.509 and
vice versa.
Suppose PGP user A@a.com wants to send encrypted message to X.509 user B@b.com. In his address book
B is listed as B@forwarding.com and forwarding.com
public key as B public key. So he just send message, which is received at forwarding.com,
decrypted and re-encrypted with X.509 key of B.com
and forwarded to him.
The disadvantage of such scheme is that both parties should trust this forwarding service.
PKCS#12 (Score:2)
Different sender e-mail addresses? (Score:2)
It sounds like your goal is really to be able to send mail "from" any of your various accounts. That is, your recipients should see the mail as "coming from" user1@domain1.com or user2@domain2.com. Am I right?
Really, which SMTP server you use doesn't matter much here, unless you're dealing with savvy people who dig into the SMTP headers. There are several e-mail clients (I use pine) that support multiple profiles. I've got a profile (pine calls it a "role" setup for each of my e-mail addresses. When I compose a new message, I get to choose what role I will use. Pine is fairly intelligent: It recognizes when someone sends mail to a particular address and replys by default come from that address/role (I can always change it, of course)
So what SMTP server do I use? After all, most smtp servers are picky about who they will allow to use their services. Easy: I have to run an MTA for fetchmail to hand my POP'ed email to, so I use the same MTA (sendmail in my case) for sending. Yes, sendmail for one person could be considered overkill and there are simpler, lighter-weight MTA's out there. Find one you like.
In short, worry less about which SMTP server you're using and look for something that lets you define multiple sending addresses.Good luck!
--
Re:establishing trust without verisign (Score:2)
12-hour timezone difference, for starters
Mulberry. (Score:2)
Mulberry (from Cyrusoft: http://www.cyrusoft.com) has Win, Mac, Solaris, Linux clients. It's commercial but worth it.
Has preset identities, which can group an outbound mail "account" and a variety of headers, sigs, and signing/encryption keys. Can configure outbound mail in response to mail in a specific mail "folder" to default to a specific one of these identities.
Automated filter rules are in alpha and need some work, but are almost there.
S/MIME support is planned but not there.
PGP support is in there.
Supports IMAP (full online, offline, or disconnected: offline filing, mailbox creation, etc. work properly), POP and local mailboxes.
Mozilla 0.7 (Score:2)
--
MailOne [openone.com]
Same problem and how I solved. (Score:2)
Re:x.509, S/MIME, and OpenSSL (Score:3)
$HOME/bin/smime_verify:
clear
openssl smime -verify -CAfile my-bundle.crt 2>&1 >/dev/null
$HOME/.muttrc:
macro compose S |smime_sign
$HOME/bin/smime_sign would be something like:
Tovaris Solution (Score:3)
The product is called the Mithril Secure Server and it acts as a proxy which sits in front of a mail server performing X.509 encryption/decryption on incomming and outgoing mail. A lot of ISPs are installing this in order to upsell managed security.
SSL authentication for IMAP/POP/SMTP is required to maintain security from the proxy box to the desktop. This is a very elegant solution which is packaged as a network appliance. Pretty much plug and play for any standards based email servers.
Check it out: http://www.tovaris.com.
Email sales@tovaris.com for more information on pricing, etc.
Re:Your security isn't secure (Score:3)
Beonex and Netscape (Score:3)
With X.509 it is allways crucial to have the root keys installed. And the Verisign ones are in the programs mentioned above. This minimizes the effort for the uninitiated.
It should not be so difficult to includet the PSE from Mozilla in s/w like Balsa, if they offer a generic way to manipulate the network connection before it is made.
But I allways had the impression that most coders in the free software arena prefer PGP, thus never took the time to write the code to support S/MIME and SSL.
The neccesary backend libraries are there (here for instance [openssl.org]), but the integration and the GUI needed to make it happen in end-user software where never done. The good thing about the mozilla PSE is the fact that it has some concept of doing the GUI itself, only the integration has still to be done. If I only had more hours to the day B-)
Re:Netscape, openssl (Score:3)
Beside being more supported for email (ie: usable with more user agents on more platforms) I think that PGP should not have been a bad move for this particular case. Since there seems to be a limited number of identified recipients you can always generate your key, send the public key to the recipient by email and check the finger print by telephone.
S/MIME is more suitable to do secure email with the world since it does not require you to check the public keys (certificates) you receive with their owners. That's right but it does not really solve the problem, it only moves it somewhere else: instead of asking yourself I'm I sure that the key belong to whom it claims you'll have to ask can I trust the certification authority.
Look at the certification authorities in Netscape or Mozilla, there are dozens of them. Well I think I can trust Verisign, Thawte (ok it's the same) but can I trust the other ones? Can I be sure that they properly check the identity before issuing certificates? Sincerly I cannot tell.
In my opinion the biggest advantage of x509 over PGP is the possibility to use your personnal certificate not only to sign or crypt email but also to authenticate yourself on access controled web sites with the same key.
Biometrics aren't secure, either. (Score:3)
X.509 and PGP (Score:3)
PGP has a much simpler format and a default trust model which is much more secure. Unfortunately, the default PGP trust model generally requires a user to manually set up a trust relationship with every other individual. As a result the average person finds S/MIME much easier to use and that's what companies deploy. PGP seems to be relegated to techno-geeks, the paranoid, and people who really need strong security and got good advice.
Re:Why not simply use PGP? (Score:3)
Your security isn't secure (Score:4)
Hate to say it, but that's not true. If you've got something like Back Orifice (or a keystroke sniffer, or even a shoulder surfer) on your machine, then the jig is up. You need to use something which incorporates biometrics [biometrics.org] in order to be really sure your communications are secure and identifiable. Heck, even a SecuurID [rsasecurity.com] is better than a plain password dialog.
-B
Re:You sound like a corn-fed windows cow (sorry) (Score:4)
Bzzt! Sorry, no prize, but thanks for playing.
PKCS 7 does, indeed, attach a copy of the certificate to the message. It also attaches a copy of the MD5 hash of the body of the message, encrypted with the sender's private key. The receiver can then recompute the hash of the message he or she received and compare it to the value he or she obtains by decrypting the encrypted hash paylod with the sender's public key. They must match, or the message has been tampered with.
Finally - and here's why people use X.509 certs, - the MUA can resolve the certificate chain corresponding to the cert in the message. If each certificate in the chain was issued by its putative issuer, and if the root of the chain is trusted, then either the sender's key has been compromised, or the message is both authentic and valid.
PKCS 7 can, but is not required to, encrypt the message body itself. That is a somewhat more complicated process. In order to encrypt a message, it needs the public key of the known recipient. It then generates a cryptographically secure random number, and encrypts it with the receipient's public key. It then use that random number to conceal the contents of the message (using a standard symmetric algorithm). That body is then signed as per the unencrypted form, and the resulting envelope is sent.
It is left as an exercise to the reader to figure out why (a) the message is securely encrypted, (b) the resulting message is repudiable, (c) this all works without either party needing to know the other party's private key and (d) why the keys in each leaf (non-issuer) certificate can be, and are, thrown away after the cert is generated, so that the only copy left in existence is in the cert itself.
Netscape, openssl (Score:5)
You can manipulate S/MIME messages (encrypt, decrypt, sign, verify) using OpenSSL at the command line. I'd love to see mutt hacked to front-end OpenSSL smime the way it can with PGP.
There are those who would argue that X509 is evil, thanks to its strict hierarchical structure (where Verisign's root CA is the big daddy of everything), and that only PGP gives the power to the people -- but from a pragmatic point of view, X509 is everywhere thanks to SSL etc. and if you want to be able to do secure email with the world, S/MIME is the way to go. PGP is attempting to converge with the S/MIME standard in any case.
--
x.509, S/MIME, and OpenSSL (Score:5)
x.509 is typically used with a message format called S/MIME. Recent versions of Netscape Communicator have a facility for sending, receiving, encrypting, and decrypting S/MIME messages using x.509 certificates.
If you use a flexible mail program such as mutt, you can pipe your message through the openssl smime command. By canning openssl smime with the options -encrypt, -decrypt, -sign, and -verify, you can perform all the same operations you could with a client that supported S/MIME natively.