Re: [dane] Use OPENPGPKEY or SMIMEA if both are available?
Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 09 March 2015 22:04 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96D971ACD8C for <dane@ietfa.amsl.com>; Mon, 9 Mar 2015 15:04:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.5
X-Spam-Level:
X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_05=-0.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1J6lzPiF3Zau for <dane@ietfa.amsl.com>; Mon, 9 Mar 2015 15:04:10 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBFC11ACDAE for <dane@ietf.org>; Mon, 9 Mar 2015 15:04:03 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id BD271282FC2; Mon, 9 Mar 2015 22:04:02 +0000 (UTC)
Date: Mon, 09 Mar 2015 22:04:02 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: dane@ietf.org
Message-ID: <20150309220402.GL1260@mournblade.imrryr.org>
References: <20150309195944.GB8242@sys4.de> <alpine.LFD.2.10.1503091601440.29875@bofh.nohats.ca> <20150309212115.GC8242@sys4.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20150309212115.GC8242@sys4.de>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/ZZP7TtqiJAvbmsTVUQQAfllN1SY>
Subject: Re: [dane] Use OPENPGPKEY or SMIMEA if both are available?
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dane@ietf.org
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Mar 2015 22:04:12 -0000
On Mon, Mar 09, 2015 at 10:21:15PM +0100, Patrick Ben Koetter wrote: > Both, OPENPGPKEY and SMIMEA, carry the potential to increase wider usage of > encryption. They offer a safe way for automated key distribution. All a sender > will have to do is 'send' the message. Given appropriate software, MUA or MTA, > will handle safe key retrieval and encrypt the message for any OPENPGPKEY and > SMIMEA enabled recipient. Pick whichever is also supported by the sender (for which the sender also has a key). If the sender has a key for both, I would have historically gone with SMIME since more desktop clients support that. However, things are changing, because smartphones have a new breed of email clients, and I'm not sure which is more prevalent on iOS and Android phones. Also even if SMIME is more widely understood, it is prone to raise warnings with self-signed or private CA issued keys. And we want to avoid such warnings. So it is not yet clear which is to be preferred, in practice we should be so lucky as to have to choose. Most users have no keys of either type. -- Viktor.
- [dane] Use OPENPGPKEY or SMIMEA if both are avail… Patrick Ben Koetter
- Re: [dane] Use OPENPGPKEY or SMIMEA if both are a… Paul Wouters
- Re: [dane] Use OPENPGPKEY or SMIMEA if both are a… Patrick Ben Koetter
- Re: [dane] Use OPENPGPKEY or SMIMEA if both are a… Viktor Dukhovni
- Re: [dane] Use OPENPGPKEY or SMIMEA if both are a… Patrick Ben Koetter