[Endymail] Hashes of key as addresses
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 28 August 2014 23:23 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 837C31A00F2
for <endymail@ietfa.amsl.com>; Thu, 28 Aug 2014 16:23:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001]
autolearn=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id cLMQJDiJmsUK for <endymail@ietfa.amsl.com>;
Thu, 28 Aug 2014 16:23:22 -0700 (PDT)
Received: from mail-lb0-x233.google.com (mail-lb0-x233.google.com
[IPv6:2a00:1450:4010:c04::233])
(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 404641A00F0
for <endymail@ietf.org>; Thu, 28 Aug 2014 16:23:21 -0700 (PDT)
Received: by mail-lb0-f179.google.com with SMTP id l4so1737502lbv.10
for <endymail@ietf.org>; Thu, 28 Aug 2014 16:23:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:sender:date:message-id:subject:from:to:cc:content-type;
bh=B75T8KsM4KkMgoNV9sLz+CqYhp2TBZHp604rVLlMxs0=;
b=OX1CZb1UyY18SkyMT2+5A+Jj5WCf+xGCH5L/j6HuPF8h/i/hNZiJ652iYJgTrCFUVl
YDFw4VetOILGM9HzXGl/5tan5CJ33C3dTzuJvdA9ukHYzOWC3sMysfIdIC3PEdXNrsyz
5O47c0HYjjZTfE/XXhQhkUuzYWAaOpuPJDDzGT+ebTs17nWBtemSNzlP9n1KMAtHIHW+
XiwPCYLCkGvJBjcaEh7aFOOeSSGtJdqQPC8At2eHXZpnLqijo2p7XFMQVSg5MS99W5cu
2ignK5YfioZFj4R9jD0RH0ukcTlCs7/YXMW3t64qn9fF3KVdEhShY85LNoFmS17VKzcx
b2mw==
MIME-Version: 1.0
X-Received: by 10.112.199.42 with SMTP id jh10mr7368778lbc.49.1409268200365;
Thu, 28 Aug 2014 16:23:20 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.122.50 with HTTP; Thu, 28 Aug 2014 16:23:20 -0700 (PDT)
Date: Thu, 28 Aug 2014 19:23:20 -0400
X-Google-Sender-Auth: BRfyvy_KycPrVtvVQH8tg2l820A
Message-ID: <CAMm+LwimhUi5uZAgm9erYtMJ9-o6+x__344TwKH4-Pa_-mckfg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Leo Vegoda <leo@vegoda.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/dE31GRq9iOOJd3U3HTH4Yo96pvQ
Cc: endymail <endymail@ietf.org>, Frank Li <frankli@cs.berkeley.edu>
Subject: [Endymail] Hashes of key as addresses
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>,
<mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>,
<mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Aug 2014 23:23:23 -0000
Using hashes of keys as addresses is very powerful. There are basically three types of address in such schemes: 1) traditional human readable 2) hash of key 3) Traditional human readable + hash of key. So in PPE we use all three in different situations: 1) ACAIEA-FONPAC-5AC6LFA-K4ACHC-EAJWAHN-VPAM4A-COYPAO-VAA 2) alice@example.com 3) ACAIEA-FONPAC-5AC6LFA-K4ACHC-EAJWAHN-VPAM4A-COYPAO-VAA?alice@example.com We can apply the same approach with value to other situations. Lets say Alice owns example.com. We can create a strong domain name in the same way: ACAIEA-FONPAC-5AC6LFA-K4ACHC-EAJWAHN-VPAM4A-COYPAO-VAA?example.com Note here that unlike in the PGP world where we generally use the hash of the encryption key, PPE almost always uses the hash of a master key that signs the encryption/authentication/etc key. This might have been considered impractical in 1992 when machines were CPU limited but it isn't a problem today. Making this separation solves a lot of usability problems down the line. Now obviously nobody is going to want to read out a strong email address over the phone. But if we have the right discovery infrastructure in place they don't need to. And this is where TRANS/CT might come in (or something like it). Because one of the things you would want to do with a freshly minted key is to record the public part and some binding assertion in a notary service. So it is natural to have a feature in the key manager that allows you to say 'generate a key and register it with notary xyz.com.' I don't think I want to be registering my key with multiple notaries as I think they should be talking to each other in the manner of USENET of old. So one publication point should be enough. But once the key is registered we have also created the raw material that a key publication scheme might use.
- [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Leo Vegoda
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Michael Kjörling
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Michael Kjörling
- Re: [Endymail] Hashes of key as addresses Stephen Farrell
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Steffen Nurpmeso
- Re: [Endymail] Hashes of key as addresses Arnt Gulbrandsen
- Re: [Endymail] Hashes of key as addresses Viktor Dukhovni
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Viktor Dukhovni