Re: Good as the enemy of OK

ietf-mailsig

Re: Good as the enemy of OK

2005-01-15 15:16:20

The problem is that typically a key will be used to sign messages for
the entire domain.


Take a look at DK.  It lets you use whatever granularity you want, by
publishing as many keys as you want in DNS, and having each signature
say which key it's using.

Depending on your level of security concern, you can use one key the
whole domain, a key per host, a key per user, or if you're really
paranoid, a key per message.

Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
http://www.taugh.com

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Good as the enemy of OK, (continued) Re: Good as the enemy of OK, Michael Thomas Re: Good as the enemy of OK, Tony Finch Re: Good as the enemy of OK, James M Galvin Re: Good as the enemy of OK, Douglas Otis Re: Good as the enemy of OK, James Galvin Re: Good as the enemy of OK, Douglas Otis Re: Good as the enemy of OK, James Galvin Re: Good as the enemy of OK, Douglas Otis Re: Good as the enemy of OK, william(at)elan.net Re: Good as the enemy of OK, Sam Hartman Re: Good as the enemy of OK, John Levine <= Re: Good as the enemy of OK, Sam Hartman Re: Good as the enemy of OK, John R Levine Re: Good as the enemy of OK, Tony Finch Re: Good as the enemy of OK, John Levine Re: Good as the enemy of OK, Tony Finch Re: Good as the enemy of OK, Douglas Otis Re: Good as the enemy of OK, william(at)elan.net Re: Good as the enemy of OK, Douglas Otis Re: Good as the enemy of OK, william(at)elan.net Re: Good as the enemy of OK, Douglas Otis

Previous by Date:	Re: Good as the enemy of OK, Sam Hartman
Next by Date:	Re: Good as the enemy of OK, Sam Hartman
Previous by Thread:	Re: Good as the enemy of OK, Sam Hartman
Next by Thread:	Re: Good as the enemy of OK, Sam Hartman
Indexes:	[Date] [Thread] [Top] [All Lists]