[Top] [All Lists]

Re: [ietf-smtp] DKIM encryption, was Request for discussion

2013-10-19 16:50:14
At 01:30 +0100 on 10/17/2013, Richard Clayton wrote about Re:
[ietf-smtp] DKIM encryption, was Request for discussion:

>erk ... you don't generally wish to use public keys on whole messages,
>the planet is getting pretty warm already -- there are practical reasons
>why existing schemes involve encrypting with a stream cipher with a
>randomly chosen session key and then just using the public key system
>for transmitting the session key.

How about doing the message encryption with the stream cipher and use
the public key to encrypt it as a separate MIME part (ie: The message
is multi-part with the key MIME part and the encrypted MIME part)?

multipart/encrypted, in other words. See RFC 1847.

And if we're going to consider various security building blocks, how
about identity-based encyption? It could be used here to extend this
to a full end-to-end mechanism without having to put keys for every address
in the DNS.

OTOH, IBE is probably patented to the hilt. So maybe not.

ietf-smtp mailing list

<Prev in Thread] Current Thread [Next in Thread>