[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040307213853.GB31514@retemail.es>
From: jorge at naranet.biz (Jorge Daza)
Subject: Re: E-Mail viruses
Hello,
why not solve the problem the way it is handled in other environments ?
We have two people that do not necessarily trust each other, and they
want to share a file. We can create trusted third parties to verify
origin, store and maybe even analyze the file.
A the receiver
B the sender
C the trusted third party
A trusts C, C trusts A
B trusts C, C trusts B
B sends an email to C with the file digitally signed. C stores, and
analyzes (not really helpful, as I don't think we can trust analyzers)
the file and sends a new digitally signed message to A, with
either the file or a pointer to the file stored in a trusted location.
A decides whether she wants to follow the pointer or leave the file in
storage. Whenever we stop trusting either A or B the third party can
stop trusting them leaving the trusting chain still secure.
The trusted third party can be inside or outside the company, but we
decide who is the people we really want to accept attachments from.
This solves some problems that could arise with other solutions. For
example, if we have a secret extension, it is shared by all employees...
that means, any time an employee leaves the company we have to change
the secret for everybody. Not good.
Other problem that comes to my mind, weak shared secrets might solve the
problem in some way for spreading massive viruses but not for directed
attacks. In those cases probably the attacker is already reading the
email of some or all of the employees, thus she surely knows the secret
extension. Even if the attacker can't read the email, lets consider the
strength of a secret that is sent plaintext on every message. Not good.
Of course this solution can be too complex for home users, that can
still rely on crypto, but not to receive attachments from people they
don't even know.
But I guess it could be implemented in bussiness environments.
My two cents.
Best wishes,
Jorge
--
Jorge Daza - jorge@...anet.biz - GPG key available
---------- -----------------
Powered by blists - more mailing lists