Re: Why are mail servers not also key servers?

On 20 Apr 2017, at 17:22, Paul Wouters <paul@xxxxxxxxx> wrote:


>> generate a key pair on registration, store those keys on the server (in
>> an encrypted archive), and make the public key available. A little
>> coding later and we've got key exchange and message confidentiality.
>
> SMTP servers could be key servers without having the private key of
> individuals?

Sure. If they double as HTTPS servers.

I want to send you an email, so I type “paul@xxxxxxxxx” in the To: field, and my MUA goes to https://mail-public-keys.nohats.ca/.well-known/mail-pubkeys/paul and that gets your public key.

And now my MUA can encrypt.  And it all works, as long as we trust nohats.ca (and conversely gmail.com) and as long as you have a copy of your private key on every single MUA that you use.

Small assumptions, no?

Yoav

Attachment: signature.asc
Description: Message signed with OpenPGP
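
The lookup sketched in the message above, as an added example that is not part of the original post: it maps an address to the `mail-public-keys.<domain>/.well-known/mail-pubkeys/<user>` URL and fetches it with TLS validation as the only trust anchor. The function names, the size cap, the no-redirect policy and the `example.org` test address are assumptions; the message does not specify a response format, so the body is returned as raw bytes.

```python
import ssl
import urllib.request
from urllib.parse import quote

HOST_PREFIX = "mail-public-keys."          # host label used in the message
WELL_KNOWN = "/.well-known/mail-pubkeys/"  # path used in the message


def pubkey_lookup_url(address: str) -> str:
    """Map user@domain to the HTTPS lookup URL (hypothetical helper)."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("not a user@domain address")
    # The domain decides which server we end up trusting, so refuse
    # anything that could alter the host or leak into the path.
    if any(c in domain for c in "/\\?#:@ ") or ".." in domain:
        raise ValueError("suspicious domain part")
    if local in (".", ".."):
        raise ValueError("local part would traverse the path")
    host = HOST_PREFIX + domain.encode("idna").decode("ascii").lower()
    # Percent-encode the local part so '/', '?' or '#' stay inside the
    # final path segment.
    return "https://" + host + WELL_KNOWN + quote(local, safe="")


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Refuse redirects: following one would shift trust to another host."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def fetch_pubkey(address: str, timeout: float = 10.0) -> bytes:
    """Fetch the key material; the TLS certificate is the only assurance."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=ctx), _NoRedirect)
    with opener.open(pubkey_lookup_url(address), timeout=timeout) as resp:
        return resp.read(65536)  # cap the size of an untrusted response
```

Whatever `fetch_pubkey` returns is vouched for only by the mail domain's web server, which is the trust assumption the message points out.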

