Re: [dane] Last Call: <draft-ietf-dane-openpgpkey-05.txt> (Using DANE to Associate OpenPGP public keys with email addresses) to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, Sep 03, 2015 at 10:33:39PM +0200, Petr Spacek wrote:

> as far as I can tell people favor various LHS-hashing variants for privacy
> reasons. Assuming that this observation is correct, I consider current hashing
> scheme totally insufficient - it does not protect anyone's privacy against
> even against moderately-funded attackers. We should do better (not only to
> please Snowden :-)

For the record, similar observations from the WG discussion.

    https://www.ietf.org/mail-archive/web/dane/current/msg08046.html
    https://www.ietf.org/mail-archive/web/dane/current/msg08017.html
    https://www.ietf.org/mail-archive/web/dane/current/msg08065.html

[ I agree that hashing is not a substantial privacy enhancement.
  The original reason hashing was proposed was not privacy-related. ]

-- 
	Viktor.
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]