Re: [openpgp] The DANE draft
Paul Wouters <paul@nohats.ca> Sat, 25 July 2015 12:30 UTC
On Fri, 24 Jul 2015, Aaron Zauner wrote:

> Just wanted to point out that UTA has received a draft that's very
> interesting (and IMHO more valuable than anything that relies on DNSSEC)
> - it defines an extension to SMTP and SUBMISSION for querying e-mail
> address related information (e.g. PGP keys), and may be used to
> authenticate afterwards:
>
> https://tools.ietf.org/html/draft-moore-email-addrquery-01

This has come up on the dane list too and was discussed at IETF 92 in
Dallas. As the introduction to this draft states:

    This document defines several mechanisms which can be used by a
    client such as a Mail User Agent or Mail Submission Agent, to query
    an SMTP server which is configured to accept incoming mail for a
    mail domain, to

The problem is that anti-spam policies generally block SMTP ports so an
end user often has no way of reaching a target user's SMTP server for
querying the target user data/key.

The draft does allow using one's SMTP server's submission port, so if
I'm on coffeeshop wifi, presumably this could still work, but it requires
the sender to be an actual user with verifiable credentials. It also
allows the ISP to lie about these extensions and to (be forced) to
disable these, causing unencrypted emails. Think of the Lavabit issue.

Paul