if ( knowledge ) {

A place for thought, progress, and dissent.

Monday, July 17, 2006

Sign Up?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My email box is constantly plagued by spam, phishing, and other random junk. Banks, PayPal, and other merchants have spent a lot of time educating the public on how to recognize "spoofed" emails, and not believe (or click) everything they get in their inbox.

Wouldn't it be great if I could know that email came from PayPal?

We have the tools--we have for years. Public Key Encryption (PGP, GPG, and the like), in addition to allowing for top-notch privacy, can also allow for nearly-perfect sender identification.

With Encryption, I can send an email to a colleague and know that only he can open it (at Collective Idea, we do this as a matter of habit--even if we're just sending a funny link). The other side, Signing, allows me to send an email to anyone and have them *know* that I am the only person who could possibly have sent it.

To know that the sender is who they say they are, I do need to have PGP installed, and be smart about accepting keys. If I do both of these things, I have a greater level of assurance. If I don't, I see a message that looks exactly like this one.

I'm starting to think that all web applications should sign emails without exception. Do I care if my account notice from Basecamp is real? Probably not, but I would like to know I can. I'd also like to see PGP more widely used... this could help, if only in a small way.

I'm considering adding signed messages to some apps I'm working on. Is it worth it? Would people respond well, or get confused?



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
-----END PGP SIGNATURE-----
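
The framing this post is wrapped in, as an added example that is not part of the original post: a parser that splits a clearsigned message into the hash named in its `Hash:` header, the exact bytes the signature covers, and the signature armor, so an application handling signed mail acts only on covered text. It does not check the signature (that is GnuPG's job); `split_clearsigned`, the weak-hash list and the sample message are constructed for illustration.

```python
BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
END_SIG = "-----END PGP SIGNATURE-----"
WEAK_HASHES = {"MD5", "SHA1"}  # assumption: this example's own policy list


def split_clearsigned(raw):
    """Split a clearsigned message into the parts a verifier works with."""
    lines = raw.replace("\r\n", "\n").split("\n")
    try:
        start = lines.index(BEGIN_MSG)
        blank = lines.index("", start)       # armor headers end at the first empty line
        sig = lines.index(BEGIN_SIG, blank)
        end = lines.index(END_SIG, sig)
    except ValueError:
        raise ValueError("not a complete clearsigned message") from None

    hashes = []
    for header in lines[start + 1:blank]:
        key, _, value = header.partition(":")
        if key != "Hash":
            raise ValueError("unexpected armor header: " + header)
        hashes += [name.strip().upper() for name in value.split(",")]
    hashes = hashes or ["MD5"]               # RFC 4880: no Hash header means MD5

    covered = []
    for line in lines[blank + 1:sig]:
        if line.startswith("- "):
            line = line[2:]                  # undo dash-escaping
        elif line.startswith("-"):
            raise ValueError("unescaped dash line in signed text")
        covered.append(line.rstrip(" \t"))   # trailing blanks are never signed
    return {
        "hashes": hashes,
        "weak_hashes": sorted(set(hashes) & WEAK_HASHES),
        # Only these bytes are signed: CRLF line ends, no final newline.
        "covered": "\r\n".join(covered).encode("utf-8"),
        "signature": "\n".join(lines[sig:end + 1]),
        # Text outside the block is unsigned; an app acting on mail must ignore it.
        "unsigned": [l for l in lines[:start] + lines[end + 1:] if l.strip()],
    }


# Constructed sample; the signature body is a placeholder, not a real signature.
SAMPLE = "\n".join([
    BEGIN_MSG, "Hash: SHA1", "",
    "Your invoice is ready.  ", "- -- ", "Example App",
    BEGIN_SIG, "", "(placeholder)", END_SIG, "Footer added by a mailing list",
])
```

On the sample, `weak_hashes` reports the SHA1 digest and `unsigned` reports the appended footer, the two things a receiving application would want to surface before trusting the text.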

2 Comments:

At 9:01 PM, Anonymous Brandon Keepers said...

Dan, I think this is a good idea and something that needs to be explored! Public key encryption is a great technology but seems to be used by only a tiny minority of people.

Imagine how useful it could be if apps started building in support for it. You could almost use it as an authentication mechanism. An example that comes to mind is for something like Basecamp. It's annoying that when I receive an email for a message posted in Basecamp, I can't just hit reply. I have to go log in and post the message. What if I could just hit reply, and (since I uploaded my public key when I created my account) my signature on the email message allows Basecamp to verify that the message is from me.

One of the challenges with having apps sign messages is that you will either have to use a private key without a passphrase, or store the passphrase for the key in the app, both of which decrease the security of it.

 
At 10:43 PM, Blogger Daniel said...

You raise good points about security, but even if you had a "company" email account with PGP (support@example.com), you'd have a similar problem.

 
