Re: [Endymail] Hashes of key as addresses
Phillip Hallam-Baker <phill@hallambaker.com> Thu, 04 September 2014 15:10 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 7333C1A8919
for <endymail@ietfa.amsl.com>; Thu, 4 Sep 2014 08:10:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.978
X-Spam-Level:
X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3,
SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 0J3ZS0NYovyd for <endymail@ietfa.amsl.com>;
Thu, 4 Sep 2014 08:10:32 -0700 (PDT)
Received: from mail-lb0-x22b.google.com (mail-lb0-x22b.google.com
[IPv6:2a00:1450:4010:c04::22b])
(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 99ADE1A890C
for <endymail@ietf.org>; Thu, 4 Sep 2014 08:10:18 -0700 (PDT)
Received: by mail-lb0-f171.google.com with SMTP id 10so3013478lbg.2
for <endymail@ietf.org>; Thu, 04 Sep 2014 08:10:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:sender:in-reply-to:references:date:message-id:subject
:from:to:cc:content-type:content-transfer-encoding;
bh=8BThwuqo62KuL/o4V1REmW6HPAoyilHFrYcwHhhQ3so=;
b=lIcMdxmcpEjgxFri+OkLu13UjMTbIR8L4iOCNGNoPhUbD7VNqQy/KpK7S6NndPxEq/
5kCBDrLHZD60UHDcKC60Kb/Dg6a9Qmz6AArajbA0pxv2pT9FSzzgFlWJyYmYdpTtyfVt
0RYJVA8Af3wmPZrlFxguh7pXRSJFJjtSeYxN9xulj/P9eK5usVId93GoGDWzMpzXuuYa
e/nYq2C6zlAALeSFDL4imPsPT/slxH9RJ6EttDCSYCTYN0I6vw7CMmPY8dk72qQuD4w9
LFg7+gIU9ohTP6GbhlF0y4FkCGx8qdP2EYpnTWbVnMSs7ynvkvLpKcKimvSnmA3Mlvva
Nm/Q==
MIME-Version: 1.0
X-Received: by 10.112.24.104 with SMTP id t8mr5157033lbf.46.1409843416697;
Thu, 04 Sep 2014 08:10:16 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.122.50 with HTTP; Thu, 4 Sep 2014 08:10:16 -0700 (PDT)
In-Reply-To: <20140904132955.GN603@yeono.kjorling.se>
References: <CAMm+LwimhUi5uZAgm9erYtMJ9-o6+x__344TwKH4-Pa_-mckfg@mail.gmail.com>
<20140829091133.GA25723@yeono.kjorling.se>
<CAMm+LwhSYm7e4WevDKqewGuOk=O_Zd7dKa1ctfvBzyF3jz4jtg@mail.gmail.com>
<20140904132955.GN603@yeono.kjorling.se>
Date: Thu, 4 Sep 2014 11:10:16 -0400
X-Google-Sender-Auth: FdSSnm1mk_b7rJZmdHiu9zxfGn8
Message-ID: <CAMm+LwgDdWiVYMWx_w3Xs459hY+CEXoi8vcZF2VF6yEJbyM_9A@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: =?UTF-8?Q?Michael_Kj=C3=B6rling?= <michael@kjorling.se>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/endymail/mxdGs0KTil0438BWiYhmFtlf1wM
Cc: endymail <endymail@ietf.org>
Subject: Re: [Endymail] Hashes of key as addresses
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>,
<mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>,
<mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Sep 2014 15:10:34 -0000
On Thu, Sep 4, 2014 at 9:29 AM, Michael Kjörling <michael@kjorling.se> wrote: > On 29 Aug 2014 09:37 -0400, from phill@hallambaker.com (Phillip Hallam-Baker): >> On Fri, Aug 29, 2014 at 5:11 AM, Michael Kjörling <michael@kjorling.se> wrote: >>> On 28 Aug 2014 19:23 -0400, from phill@hallambaker.com (Phillip Hallam-Baker): >>>> Using hashes of keys as addresses is very powerful. There are >>>> basically three types of address in such schemes: >>>> >>>> 1) traditional human readable >>>> >>>> 2) hash of key >>>> >>>> 3) Traditional human readable + hash of key. >>>> >>>> >>>> So in PPE we use all three in different situations: >>>> >>>> 1) ACAIEA-FONPAC-5AC6LFA-K4ACHC-EAJWAHN-VPAM4A-COYPAO-VAA >>>> >>>> 2) alice@example.com >>>> >>>> 3) ACAIEA-FONPAC-5AC6LFA-K4ACHC-EAJWAHN-VPAM4A-COYPAO-VAA?alice@example.com >>> >>> Does this scheme not imply that everyone who wants to validate an >>> address, or know to where to pass a message given an address, needs to >>> either (a) query some form of central repository where all address >>> (hash)es are registered, or (b) have a local cache of all valid >>> address (hash)es? >> >> No, it implies some mechanism for resolving the hashes. But that does >> not need to be centralized. > > Fair enough, but how would you resolve such a hash without > connectivity? How does the email get sent at all without connectivity? Now clearly there are circumstances in which a client has a compromised email only connection. But these are actually pretty rare these days and I don't see a problem with saying that we can't do end to end directly in that situation. In my current implementation the email can be composed offline as normal. The S/MIME enhancement takes place in an outbound SMTP proxy as the mail is being sent. > We know that traffic analysis is being done on a massive scale, and > have good reason to believe that encrypted traffic is routinely and > specifically targeted for storage for possible later analysis. Which is why we need STARTTLS even in an endymail world. >> One way that works very well is to use QR codes in an in-person >> meeting. Web of Trust never worked the way PhilZ wanted. But we didn't >> carry supercomputers with cameras (aka smartphones) then. > > Far from everyone does, even today. [1] Should the protocol be > designed to essentially require such? Well it is working right now without any QR code implemtnation. >> There does not need to be a central repository. There does not even >> need to be global connectivity. > > Then how would you propose to validate a hash, or given a hash, send a > message to it, without some sort of connectivity to some sort of hash > repository? The repository does not need to be unified or global. Right now the so-called 'repository' consists of posting files to a web site of the email address holder's choice. I do object when people insert pejorative terms like 'global repository' into a scheme. I think it very likely that a global repository will emerge naturally because it is convenient to do and I expect 95% of keys to end up in it. But I do not expect it to ever be complete.
- [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Leo Vegoda
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Michael Kjörling
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Michael Kjörling
- Re: [Endymail] Hashes of key as addresses Stephen Farrell
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Steffen Nurpmeso
- Re: [Endymail] Hashes of key as addresses Arnt Gulbrandsen
- Re: [Endymail] Hashes of key as addresses Viktor Dukhovni
- Re: [Endymail] Hashes of key as addresses Phillip Hallam-Baker
- Re: [Endymail] Hashes of key as addresses Viktor Dukhovni