Re: PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I think this is OK. That's what you get for using a domain who does this sort of thing as your email provider.

Right. But again, if I'm trying to find your key, I have no way to know how sleazy your mail provider is, so I have no way to tell whether to trust the keys they publish.

I do consider this proposal's handling of this case superior to the key
servers.

A key you get from the key servers might be real or might be bogus. A key you get through DANE might be real or might be bogus. What's the difference? A key from DANE implicitly has an endorsement from the domain, but a key from key servers can have endorsements via WoT signatures. In each case. unless you know the endorser, the endorsement is useless.

R's,
John




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]