Re: revised Proposed Charter



On Jul 25, 2005, at 7:56 AM, Michael Thomas wrote:

That said, I favor the crispness of the current charter/spec:
specs in this area have an almost perfect track record of
flopping in large part, IMO, due to their being unintelligablely
complex. Even the "simplicity" of the current spec brings up
deep and hard questions. Combinatorics is the enemy.

Ensuring deployment success seems a vital concern. Just those issueswill comprise a considerable amount of time. Initially keeping thediversity of the basics constrained, such as where the key isobtained, does not prevent those wishing to investigate andexperiment with alternative schemes. The simple tag/value syntaxdoes not preclude such alternatives in the future. DomainKeys hasalready demonstrated the viability of the DNS approach. If there issuccess and a desire for such alternatives, subsequent changes can bemade. However, it seems wrong to widen the scope of the charter toencompass more than the initial step being considered in this process.



Earl Hood wrote:

Wrt DKIM, the trust component is established via DNS.  The signature
verifier trusts that the records it achieves from a DNS query are the
records owned by the domain being queried.  The trust solely relies
on the reliability and security of the DNS transport protocol.
For some, this may be sufficient, but for others, this is definitely
not sufficient.  Because of security risks associated with DNS (along
with some of the key management aspects of it) others, including
myself, would definitely like to see hooks in DKIM to allow for
other PKI systems, systems that provide more robust trust models.

S/MIME has this feature already, and enjoys wide client deployment.It lacks any significant use. S/MIME or secure documents may becomean alternative for such minor needs requiring higher security oftenrelated to the author of the document. How this high securityproblem is solved is really independent of an effort attempting toscale for the wide use of an authentication scheme suitable for theexchange of email. Here I tend to agree with Mike.


-Doug

<Prev in Thread]	Current Thread	[Next in Thread>
Re: QUERY: Key Server Choices, (continued) Re: QUERY: Key Server Choices, Arvel Hathcock Re: QUERY: Key Server Choices, Hector Santos Re: revised Proposed Charter, Earl Hood RE: revised Proposed Charter, James Scott Re: revised Proposed Charter, Dave Crocker Re: revised Proposed Charter, william(at)elan.net Re: revised Proposed Charter, Earl Hood RE: revised Proposed Charter, Dave Crocker RE: revised Proposed Charter, James Scott Re: revised Proposed Charter, Michael Thomas Re: revised Proposed Charter, Douglas Otis <= Re: revised Proposed Charter, Earl Hood Re: revised Proposed Charter, Douglas Otis Re: revised Proposed Charter, Earl Hood RE: revised Proposed Charter, Hallam-Baker, Phillip RE: revised Proposed Charter, Hallam-Baker, Phillip Re: revised Proposed Charter, Michael Thomas Re: revised Proposed Charter, Ned Freed RE: revised Proposed Charter, Hallam-Baker, Phillip RE: revised Proposed Charter, Hallam-Baker, Phillip RE: revised Proposed Charter, Hallam-Baker, Phillip

Previous by Date:	Re: QUERY: Key Server Choices, Ned Freed
Next by Date:	Re: QUERY: Key Server Choices, Arvel Hathcock
Previous by Thread:	Re: revised Proposed Charter, Michael Thomas
Next by Thread:	Re: revised Proposed Charter, Earl Hood
Indexes:	[Date] [Thread] [Top] [All Lists]