email Crypto- third party

Richard Clayton richard at turnpike.com
Mon, 2 Aug 1999 13:11:42 +0100


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <1.5.4.32.19990802065733.006c9cf8@192.168.0.65>, Donald
Ramsbottom <donald@ramsbottom.co.uk> writes

>It may surprise this list to know that many (if not all) the large London
>firms of solicitors habitually send correspondence by fax only.

rather than ever generating a real letter ?

> It is
>cheaper,

cheaper than 26p stamps I assume (or motorcycle couriers).

It is in principle more expensive than email, although minimum pricing
on telephone calls may obscure this.

> and they know it has arrived as they get a print out that says so.

An important quibble is that the print out actually says that it has
been sent - NOT that it has arrived in a readable form.

Since there is no store and forward in the system (in fact there can be,
since faxes can be turned into emails or be collected by computers which
then make them available on a screen before putting them onto paper)
then the assumption made is that sending and delivery occur
contemporaneously - hence the practical, working, assumption is that the
fax has "arrived". However, that assumption can be incorrect.

>The fact that it is totally insecure eludes them, probably through
>ignorance,

the main insecurity would be in the dialling [a human may send it to the
wrong place - hence those disclaimers on the cover sheet which attempt
to put people on notice of the confidential nature of the contents].

it is possible to intercept fax calls, but it would take a fairly
skilled operation to do it. Compared with email, there are significant
technical hurdles to jump (or am I just showing my familiarity with some
technologies and ignorance of others ?)

> but even if they knew, they would probably say there is no viable
>alternative which ensures that they *KNOW* that it's got through.

There are several schemes for email that provide proof of delivery,
either to systems or to particular end users (depending on the
situation, both can be seen to be of use).

The MDN (Message Disposition Notification) scheme is (finally!) an IETF
proposed standard and several email packages now provide interworking
versions of it. The scheme does not provide for cryptographic signing of
the requests or responses, so it could be seen as insecure. However,
getting something into the field was seen as a key first step. Automatic
notifications are, in general, a nuisance unless your software can hide
them away from you completely - so I'm unclear how much it will be used
in practice.

>I am glad to see changes will be made in the future but products need to
>have inbuilt safeguards from the beginning to inspire the all important
>CONFIDENCE.

When asked how to know if an email has been received and read I always
recommend adding the magic mantra

        "please ring me to confirm receipt when you've read this far"

just after the third paragraph. I find that this is effective, very
reassuring, and by using sophisticated audio authentication techniques I
find it gives me great confidence that the correct person received my
email.

>Just a thought for the crypto suppliers out there.

the issue you raise is a general one to do with email delivery. It is
not a crypto issue per se - except in so far as encryption can give you
the reassurance that mis-delivered email will be unreadable because the
private keys will not be to hand; not something one can be happy about
when sending faxes.

- -- 
richard                       writing to inform and not as company policy
        only 25 MPs still need adopting:  http://www.stand.org.uk/
"Assembly of Japanese bicycle require great peace of mind" quoted in ZAMM

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.1.1 (C) 1997 Pretty Good Privacy, Inc.

iQA/AwUBN6WK/u5vmeyLY9DdEQI4IQCg0SfK1q9DVoQFZQ/xjo3IMe6LnfcAniYw
ejhPgPuJba3JTwakJTxt2nDB
=I/F1
-----END PGP SIGNATURE-----