Keyservers and the future
Neil Williams
linux at codehelp.co.uk
Fri May 20 11:15:35 CEST 2005
On Thursday 19 May 2005 8:15 pm, Radu Hociung wrote:
> Depending on proposal, email authentication would require between 1
> key/domain owner
Is that a completely different key to another domain used by the same owner?
I've got many domains but I only want one main key.
If someone trusts codehelp.co.uk does that mean they also trust dcglug.org.uk
just because I've got both in the UID's of my key?
There are lots of keys with multiple UID's across disparate domains - like
debian.org.
Are you proposing a completely new key per domain that is "less secure" than
the personal key because it's per domain and not per user? Who controls such
domain keys? Is this just another "corporate" key?
What about domains that have millions of users (like aol.com)?
I may trust one or two individuals with AOL accounts, there is NO way I'm
going to trust everything from AOL!
> If email authentication was implemented, the majority of mail traffic
> would be signed and verified.
You're just verifying that the signature is good, not that the key is trusted?
That's reasonable.
How do you guarantee that From: cannot be spoofed - it sounds like you are
delegating that to the individual ISP / domain holder. I'm concerned that the
domain is too blunt as an instrument against spam and that it will remain
easy to send spam from: aol.com and hotmail.com. Even if someone does
compromise the AOL terms and conditions, users cannot ignore all email from
that domain - it's simply too large - so I could not set the aol.com key to
be untrusted or unwanted.
This could prejudice small domains, userspace domains, unfairly. The big
domains would trivialise the signature because you could not discriminate
between your AOL friends and the AOL spammers. If a particular domain holder
with lots of accounts is tardy or just inefficient in booting off people who
abuse their terms, the user is left with a useless "validation" because the
user cannot distinguish between users at the domain.
> DomainKeys, for instance, works at the transport level. Somewhat like
> SSH, where the client and server use one key to encrypt the datastream,
> but a different key is used by the user to actually authenticate and log
> in. DomainKeys does not encrypt the channel, but it only signs it (it
> signs a subset of the message headers as well as the body of the
> message). If a recipient domain trusts Yahoo's keys, he can assert that
> the mail really came from the Yahoo domain. This is a per-domain
> signature, not per-user.
Where does the secret key reside?
Who controls the signing?
What happens with the existing signature?
Are you using MIME to achieve this - what are you going to do about broken
email clients like OE that hide the message when receiving PGP/MIME - the
message body is displayed as an attachment.
What about other clients (like some webmail) that cannot yet cope with
PGP/MIME?
--
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20050520/33e9bbc8/attachment.pgp
More information about the Gnupg-users
mailing list