ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [dane] Last Call: <draft-ietf-dane-openpgpkey-05.txt> (Using DANE to Associate OpenPGP public keys with email addresses) to Proposed Standard

2015-09-04 10:28:15
from [Viktor Dukhovni] [Permanent Link] 
On Thu, Sep 03, 2015 at 10:33:39PM +0200, Petr Spacek wrote:


as far as I can tell people favor various LHS-hashing variants for privacy
reasons. Assuming that this observation is correct, I consider current hashing
scheme totally insufficient - it does not protect anyone's privacy against
even against moderately-funded attackers. We should do better (not only to
please Snowden :-)


For the record, similar observations from the WG discussion.

    https://www.ietf.org/mail-archive/web/dane/current/msg08046.html
    https://www.ietf.org/mail-archive/web/dane/current/msg08017.html
    https://www.ietf.org/mail-archive/web/dane/current/msg08065.html

[ I agree that hashing is not a substantial privacy enhancement.
  The original reason hashing was proposed was not privacy-related. ]

-- 
        Viktor.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Proposal for a Clean Internet (by design), John Levine
Next by Date:  Re: Proposal for a Clean Internet (by design), l.wood
Previous by Thread:  Re: [dane] Last Call: <draft-ietf-dane-openpgpkey-05.txt> (Using DANE to Associate OpenPGP public keys with email addresses) to Proposed Standard, Petr Spacek
Next by Thread:  What is the IPR policy for Hackathon? RE: [94all] IETF 94 - Hackathon Information, Miaofuyou (Miao Fuyou)
Indexes:  [Date] [Thread] [Top] [All Lists]