ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

2015-09-23 11:01:46
from [Paul Wouters] [Permanent Link] 
On Wed, 23 Sep 2015, Randy Bush wrote:


if i think of it as a form of opportunistic encryption with very weak
authentication it seems useful.


right.


but when i want strong authentication i want strong introduction.


So pull the key from DNSSEC, check for sigs. If not good enough, you
could also pull the same key from the keyservers (now that you know
that's the key you are looking for in the pile of garbage keys on the
keyservers) and possibly get more signatures on it. Still not good
enough, don't send the email and find some humans.

Paul
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey, Dave Crocker
Next by Date:  Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey, Sam Hartman
Previous by Thread:  Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey, Dave Crocker
Next by Thread:  Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey, Philip Homburg
Indexes:  [Date] [Thread] [Top] [All Lists]