Re: PKI is weakly secure (was Re: Updating the rules?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Doug,


When short cuts are taken in PKI as with SMTP, there should be some concern.

DKIM voids vetted CAs, as the public key is obtained from DNS, this provides the URL association directly.

It's really not the same. The implications of a compromised DKIM key are bilateral *at best*, whereas a CA, particularly a well known one will have far broader impact.

But that's not what I was talking about. What I was referring to was Ohta-san's implication that PKI is fundamentally flawed. Perhaps it is, but I don't see anything better for key distribution to millions of people. If you, he, or anyone else comes up with something better, I'm all ears.

Eliot

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]