ietf-openpgp

Re: [openpgp] [dane] Storing public keys in DNS or LDAP, or elsewhere

2013-08-08 15:29:59
On Tue, 6 Aug 2013, John Gilmore wrote:

> * draft-wouters-dane-openpgp-00
> * draft-wouters-dane-otrfp-00
>
> These actually specify how to get authenticated key material from the
> DNS.  (However, they don't encrypt the DNS transaction, so the
> identity of the user being communicated with is leaked to NSA and
> any other wiretappers...)

I would suggest we address DNS query privacy in a generic way for all
DNS, although even if you just encrypt, it might not be enough when the
adversary has so many listening points, and the user immediately uses
the DNS information for another action (e.g. an IM message or sending an
email).

Paul
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp