Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey
Viktor Dukhovni <ietf-dane@dukhovni.org> Wed, 23 September 2015 03:57 UTC
Date: Wed, 23 Sep 2015 03:57:31 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org, ietf@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/83m1qnksLpufRR9FIHtV8UXEXOE>

On Wed, Sep 23, 2015 at 09:44:57AM +0600, Randy Bush wrote:

> Paul Wouters wrote:
>
> > Actually, most people I know never use the WoT. They only use keys
> > obtained directly from the person they want to exchange encrypted email
> > with.
>
> this is not my experience
>
> it will be a long time before i trust a dane/dnssec identity binding
> over pgp's.
>
> At Mon, 21 Sep 2015 16:24:10 -0700, Bill Manning wrote:
>
> > I think Paul nails it, at least for the more aware folks around.
> > Using the WoT to gauge anything other than confidence in choice of
> > friends/associates is asking for trouble.
>
> i think bill nails it. trust in identity is what it is about for me.
> i am communicating with a person, not a dns or smtp server; the latter
> are agents, and ones which have failed repeatedly over the decades.

We'll likely never meet in person. You have a sensitive message to
send me about Postfix or OpenSSL or something like that. Now what?

Or more likely you have nothing sensitive to send me at all, but
prefer not to have your communications routinely intercepted or
stored in the clear. Now what?

The draft strives to make PGP scale, with an inevitable trade-off
in identity assurance.

The security needs of covert-agents are not the same as the security
needs of most ordinary citizens. Folks who want "covert agent
security" need to know what tools and systems they can't avoid
trusting (a trusted party is one that can betray you), and then,
if they are careful, avoid trusting everything/everyone else.

The rest of us need to make reasonable compromises, that protect
most of us most of the time, ideally keeping Orwellian nightmares
in check.

--
Viktor.