Re: PGP security models, was Summary of IETF LC for draft-ietf-dane-open

Mark Andrews <marka(_at_)isc(_dot_)org> writes:

> People don't usually look at the set of hostnames before assigning
> a user id and the reverse is also true.  Who gets change control
> on the resulting domain name when there is a collision?  The user
> or the host?
When is this a problem?  Are you thinking of the conflict between
www.example.org and www(_at_)example(_dot_)org?  Why would that cause a 
problem?  I
believe it is highly unlike for their to ever be a OpenPGP key issued
for www.example.org -- and the practice in the OpenPGP community is to
issue such keys for rooot(_at_)www(_dot_)example(_dot_)org instead -- so there 
shouldn't
be a conflict.  In any case, www(_at_)example(_dot_)org might have several 
OpenPGP
keys, so the client should be prepared to handle multiple records
anyway.

I'm likely missing something here.

/Simon

signature.asc
Description: PGP signature