From: tjacobs(_at_)redsword(_dot_)com
...
In that case, I'm unsure what you meant by not wanting to use "fancy
crypto solutions" (a quote from your earlier post) if this term does
not include digital signature algorithms and public keys. Were you
just meaning no commercial solutions ("authorities") that involve
paying money to maintain the key infrastructure? Or do you not
understand that "digital signatures" and "public keys" are
applications of cryptography?

I think signatures using nothing more than secret or public key encryption
are not fancy. By "fancy crypto solutions" I mean schemes such as PKI
which involve or should involve
- networks of key servers or distributed lists of signature authorities,
- certificate or key revocation machinery (which perhaps ought to be
related to the previous item, but in real life seems to be utterly
broken and useless),
- private investigators checking claimed identities,
- probably unexpired and possibly submarine patents
- advertising, propaganda, and other "jockeying in the commercial space."
I suspect I'd find anything that relies on DNSSEC "fancy," particularly
given the history of DNSSEC. I suspect but don't know that no crypto
mechanism can use DNS RRs without also requiring DNSSEC and so "fancy"
or even a fraud in real life like commercial PKI.
I suspect that some non-fancy crypto spam defenses can be designed and
(more important) deployed without global changes to MTAs or MUAs.
I think that should be a basic criterion for any recommendation by this
group. However, I'm not yet convinced that any given non-fancy crypto
spam defense would be sufficient or even worthwhile.
...
There are a couple
of variations to this approach that I think might be workable, such
as a mail protocol where the sender first sends a "i'm about to send
a message" message, and the receiver generates a key pair, sending
the arbitrary "public" key to the sender, who then uses it to
encrypt the message,...

Please read about simple crypto-based authentication.

If you had read the rest of the message, you would've realized that
those won't work, since they place the calculation burden on the
wrong party.

I tried to read the message, but the sense I got from it conflicted
with what I understand of public key encryption and signing. It
suggested you knew less than nothing of the subject and I was trying
to say as much as politely as possible. If that inference was wrong,
I apologize. Unfortunately, rereading your quoted text above several
times does not disperse my original inference. For example, I'm
troubled by the notion that a stranger could authenticate itself
merely by preceding the mail message with a session key exchange.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
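
The closing objection in the message above, worked through as an added example that is not part of the original thread: the quoted "receiver generates a key pair" exchange completes for any sender under any claimed From address, while a signature checked against an already-known public key rejects the stranger. The toy RSA, the `alice@example.org` address, the function names and the out-of-band key table are all assumptions made for illustration.

```python
# Added illustration, not code from the thread. Toy textbook RSA over tiny
# constructed primes: it shows the logic only and is not secure.
import hashlib
import random
from math import gcd

PRIMES = [1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049]  # constructed

def make_keypair(rng, pool):
    p, q = rng.sample(pool, 2)
    n, phi = p * q, (p - 1) * (q - 1)
    e = next(c for c in range(3, phi, 2) if gcd(c, phi) == 1)
    return (n, e), (n, pow(e, -1, phi))  # (public, private)

def apply_key(key, values):
    n, exponent = key
    return [pow(v, exponent, n) for v in values]

def digest(body):
    return list(hashlib.sha256(body.encode()).digest())

def exchange_accepts(claimed_from, body, rng):
    """Quoted scheme: the receiver makes a key pair on request and the sender
    encrypts with it. No step ever checks claimed_from."""
    public, private = make_keypair(rng, PRIMES)          # receiver
    ciphertext = apply_key(public, list(body.encode()))  # sender, whoever it is
    return bytes(apply_key(private, ciphertext)).decode() == body

def signature_accepts(claimed_from, body, signature, known_keys):
    """Plain signature check. Assumption: the receiver already holds the
    public key for claimed_from, obtained out of band."""
    public = known_keys.get(claimed_from)
    return public is not None and apply_key(public, signature) == digest(body)

def demo(seed=1):
    rng = random.Random(seed)
    alice_pub, alice_priv = make_keypair(rng, PRIMES[:4])
    _, stranger_priv = make_keypair(rng, PRIMES[4:])
    known = {"alice@example.org": alice_pub}
    body = "constructed sample message"
    results = {}
    for who, priv in (("alice", alice_priv), ("stranger", stranger_priv)):
        sig = apply_key(priv, digest(body))  # each party signs with its own key
        results[who] = (exchange_accepts("alice@example.org", body, rng),
                        signature_accepts("alice@example.org", body, sig, known))
    return results

if __name__ == "__main__":
    print(demo())
```

Each result pair is (key exchange completed, signature accepted); only the second value differs between the two senders.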