Re: [Endymail] Off we go...

"Joe Hildebrand (jhildebr)" <jhildebr@cisco.com> Wed, 27 August 2014 15:26 UTC

From: "Joe Hildebrand (jhildebr)" <jhildebr@cisco.com>
To: Tom Ritter <tom@ritter.vg>, "endymail@ietf.org" <endymail@ietf.org>
Date: Wed, 27 Aug 2014 15:25:59 +0000
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/2kj7AfRPfrs7azubFSBJWh_DflA

For distributing keys, POSH seems like it would also be interesting:

http://tools.ietf.org/html/draft-ietf-xmpp-posh-01


As does RFC 7033 (WebFinger), both of which rely on extending trust from 
HTTPS to other domains.

On 8/27/14, 2:20 AM, "Tom Ritter" <tom@ritter.vg> wrote:

>On 26 August 2014 17:34, Pete Resnick <presnick@qti.qualcomm.com> wrote:
>> So off we go... What projects are folks working on
>
>Prior to Snowden's revelations, a friend and I had given some
>thought[0] to a system that supported provider-to-provider encryption,
>where the end could be extended on either side to end-to-provider or
>end-to-end encryption.  Along the way we thought about distributing
>keys over HTTPS vs DNS[1], authenticity[2], a report-only deployment
>mode[3], and other stuff.  We shelved our proposal, but published our
>thoughts in a document that we hoped would add some thoughts and
>context to future discussions.  Full spec is at
>https://github.com/tomrittervg/uee
>
>I can't claim to be working on this, but I'm excited about
>https://datatracker.ietf.org/doc/draft-ietf-dane-smtp-with-dane/
>
>I'm also tangentially involved (through my job) with NCC Group's
>.trust initiative[4].  There are a lot of policy controls, but also
>technical ones. Some of the guarantees you will have when
>communicating with a domain in the .trust gTLD will be that the domain
>will have valid TLS certificates for StartTLS, will have StartTLS
>available, will use DNSSEC, DKIM, and a host of other technical
>requirements.
>
>-tom
>
>
>[0] https://ritter.vg/blog-uee_email_encryption.html
>[1] https://github.com/tomrittervg/uee/blob/master/appendix-key-distro-choice.md
>[2] https://github.com/tomrittervg/uee/blob/master/proposal.md#key-authenticity
>[3] https://github.com/tomrittervg/uee/blob/master/proposal.md#report-only-mode
>[4] https://www.nccgroup.com/media/112014/trust-faq.pdf


-- 
Joe Hildebrand