Automatic key verification / CERT in DNS / RFC4398
wk at gnupg.org
Thu Apr 6 12:44:39 CEST 2006
On Wed, 5 Apr 2006 20:03:46 -0500, Brad Knowles said:
> Keep in mind that relatively few people use any kind of personal
> encryption at all, and most that do make use of S/MIME instead of PGP
> or GPG, because S/MIME is what is provided by default from Microsoft
The problem with S/MIME is that you can't create a usabable
certificate for yourself. You have to hand over a lot of money to
a more or less trustworthy CA with no real benefit. OpenPGP may be used
much easier in that respect.
Using PKA you may use self-signed certificates for S/MIME in the same
way as you use PGP keys. Yes, the security is limited by the DNS but
well, that is a problem another group needs so solve ;-)
> So long as you stick to just one key for the entire domain, it
> doesn't matter if it's DKIM or PGP. It still has some greatly
> increased CPU requirements (because every single message passing
> through the server will now have to be cryptographically signed,
> which will increase the CPU server load by many orders of magnitude
> per message), but at least it has the possibility of being scalable
I doubt that signing a message puts more load on a server than all the
spam filtering and virus scanning in use today.
DKIM and other methods are also quite computing intensive.
> We did try this technique before -- it was called pgpsendmail,
> and it cryptographically signed every message passing through the
> system. It didn't work very well, and few people ended up using it.
Because the key distribution and validation of the keys was not solved.
> Doing client-side signing and verification is definitely
> scalable, but is difficult to get jump-started.
Thus start with server-side signing using one key per domain.
> I don't think that's likely to happen any time soon. The
> solutions which are easy to implement are non-scalable, and the
> scalable solutions are much more difficult to implement.
DNSSEC does not scale? Okay, then DNS will eventually be useless.
DNS-CERT does not scale? The I* types will help to offload the keys.
PKA on a per user base does not scale? Well, this might be a problem
with millions of users per domain. I don't know for sure but I doubt
that, say, 64 extra bytes of user data makes any difference to these
More information about the Gnupg-devel