ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Agenda, security, and monitoring

2014-02-02 07:55:28
from [Joseph Lorenzo Hall] [Permanent Link] 



On Feb 1, 2014, at 18:18, John C Klensin <john-ietf(_at_)jck(_dot_)com> wrote:

Indeed, it might be interesting as a first
step to fix
the IETF list so it wouldn't accept unsigned messages.


I don't think this is a good idea.

First, it would raise technical barriers to participation; now one would have 
to install software other than email software, configure it correctly and point 
ietf to the signing key (no?)... (unless the list doesn't do an actual sig 
check, in which case what's the point?). Second, while I and others are 
comfortable with a default-sign policy, I know many more people that are very 
picky with non-repudiability and things they cryptographically sign. Finally, 
I'm not comfortable keeping keys on mobile devices (signing or otherwise), 
which would mean emails I send from those devices like this one will not be 
signed.

Am I missing something? I can imagine many of us have longer keys since the 
last IETF, so I'd definitely be interested in a signing event.

best, Joe

--
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
https://www.cdt.org/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Make it a Proposed Method rather than Proposed Standard [Re: When is an idea a good idea?], Abdussalam Baryun
Next by Date:  Re: Agenda, security, and monitoring, Phillip Hallam-Baker
Previous by Thread:  Re: Agenda, security, and monitoring, Alessandro Vesely
Next by Thread:  Re: Agenda, security, and monitoring, Dale R. Worley
Indexes:  [Date] [Thread] [Top] [All Lists]