IETF Logo Mail Archive

Re: [Endymail] spam versus cleartext

Werner Koch <wk@gnupg.org> Mon, 08 September 2014 18:46 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BECD31A02F7 for <endymail@ietfa.amsl.com>; Mon, 8 Sep 2014 11:46:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qTQtQJ7WriYq for <endymail@ietfa.amsl.com>; Mon, 8 Sep 2014 11:46:48 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDED41A02C2 for <endymail@ietf.org>; Mon, 8 Sep 2014 11:46:47 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1XR3xe-0005ig-Az for <endymail@ietf.org>; Mon, 08 Sep 2014 20:46:46 +0200
Received: from wk by vigenere.g10code.de with local (Exim 4.82 #3 (Debian)) id 1XR3t1-0002LZ-OR; Mon, 08 Sep 2014 20:41:59 +0200
From: Werner Koch <wk@gnupg.org>
To: Phillip Hallam-Baker <phill@hallambaker.com>
References: <540AABF8.8000605@cisco.com> <CAMm+Lwh1JJQTOgRN_31b3+oTreeHzntBxx5sNeAFQAwnac9trw@mail.gmail.com> <540C5BE1.6010405@qti.qualcomm.com> <540CCA3E.8020505@qti.qualcomm.com> <alpine.BSF.2.11.1409071906310.16169@joyce.lan> <20140908030941.GT26920@mournblade.imrryr.org> <CAMm+LwhMsx7pGJo_pRPUWj_GqZfD_s78z+KMw_YOZ92LsoExMg@mail.gmail.com>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=1E42B367; url=finger:wk@g10code.com
Date: Mon, 08 Sep 2014 20:41:59 +0200
In-Reply-To: <CAMm+LwhMsx7pGJo_pRPUWj_GqZfD_s78z+KMw_YOZ92LsoExMg@mail.gmail.com> (Phillip Hallam-Baker's message of "Mon, 8 Sep 2014 09:53:34 -0400")
Message-ID: <87egvm7y4o.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/fnzquLLNLQidkJexPRtyffWuQ98
Cc: endymail <endymail@ietf.org>
Subject: Re: [Endymail] spam versus cleartext
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Sep 2014 18:46:48 -0000

On Mon,  8 Sep 2014 15:53, phill@hallambaker.com said:

> to use the Google CA. One of the weaknesses of the PGP model was that
> the design ignored the fact that in many circumstances we are in
> hierarchical organization structures that the CA model matches very

Which was fixed 16 years ago with OpenPGP (RFC-2440).  OpenPGP actually
provide a superset of the features you require to implement the X.509
model.  It does not demand its use as it also does not demand the use of
the WoT or any other key validation model - this is all left to the
implementation.  Both major implementations support the hierarchical
model.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

v2.8.7 | Report a Bug | By Email