[Top] [All Lists]

Re: [ietf-smtp] DKIM encryption, was Request for discussion

2013-10-16 22:01:03
Sender fetches TXT  If it exists,
it uses the p= public key to encrypt the whole message,

erk ... you don't generally wish to use public keys on whole messages,
the planet is getting pretty warm already -- there are practical reasons
why existing schemes involve encrypting with a stream cipher with a
randomly chosen session key and then just using the public key system
for transmitting the session key.

Seems it'd be easy enough to put a band-aid on that. The outgoing MTA generates a random key for a block cipher, and the application/dkim-encrypted is the session key encrypted under the public key, followed by the message encrypted under the session key, perhaps with some intevening random crud since the beginning of a message is often a known plaintext.

I don't purport to know enough crypto to design something secure, but I gather this is similar to what PGP does.

John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.
ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>