Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 23 Sep 2015, Randy Bush wrote:

if i think of it as a form of opportunistic encryption with very weak
authentication it seems useful.

right.

but when i want strong authentication i want strong introduction.

So pull the key from DNSSEC, check for sigs. If not good enough, you
could also pull the same key from the keyservers (now that you know
that's the key you are looking for in the pile of garbage keys on the
keyservers) and possibly get more signatures on it. Still not good
enough, don't send the email and find some humans.

Paul




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]