ietf-openpgp

Re: [openpgp] [dane] The DANE draft

2015-08-06 03:24:33
On Wed, 5 Aug 2015, Carsten Strotmann wrote:

> for OPENPGPKEY/SMIMECERT zones, operators could (maybe SHOULD) use
> NSEC/NSEC3 "narrow" signing to prevent "zone-walking".

Email addresses are not secret. That is not the privacy you can protect
at all. Anyone can either do an internet search or just attempt to
deliver an email to figure out if the email address is valid.

The only real privacy concern is learning who is querying, meaning who
is interested in mailing a particular user - assuming everything else on
the email path is secured by TLS, and the domain is large enough to
actually hide the userbase (that is, nohats.ca is already a lost cause,
because everyone knows a TLS connection to mx.nohats.ca means you are
going to email me).

> Breaking hashes requires much more "willful intent" than decoding BASE32.

But that difference these days is basically zero as soon as someone puts
up a module for johntheripper or hashcat or something on github.

> The hashing communicates a "don't go here" message, even though it is
> technically not a strong protection.

If the sysadmin does not respect privacy on base32, they will not
respect privacy on hash(very simple names) or even hash(former-lover)

> It is like having a closed door vs. no door at all. No door communicates
> "come in, no secrets, we're open" while the closed door (even if it can
> be opened by minor force) communicates "private space".

I might agree but I think the gain for this is so incredibly small, that
I think the gain for use of online signers plus email address
corrections by the smtp+dnssec combined server is actually a more likely
and minorly useful thing to have.

And don't get me wrong. I'd rather see zonefiles with a hash than with
base32 cut from an esthetical point of view.

Paul

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp