Re: [openpgp] [dane] Storing public keys in DNS or LDAP, or elsewhere

Paul Wouters <paul@cypherpunks.ca> Fri, 09 August 2013 20:00 UTC

Date: Fri, 9 Aug 2013 15:52:02 -0400 (EDT)
From: Paul Wouters <paul@cypherpunks.ca>
To: Ben Laurie <ben@links.org>
In-Reply-To: <CAG5KPzy3=F=iw9-omKizcrQ4N03cDABs3WE61+K_VfP=+XmQyw@mail.gmail.com>
Message-ID: <alpine.LFD.2.10.1308091544070.3634@bofh.nohats.ca>
References: <030F2A8C-1C25-4C91-88FD-C81AF44FA98E@openfortress.nl> <A2FA963F-FB8F-4CEE-9001-464A128F1EAD@openfortress.nl> <CAMm+LwjFBhQD+fzQyWbhyWwBNqAXUwC5u4EFivw+US1uCbBccQ@mail.gmail.com> <201308070106.r7716UgN004651@new.toad.com> <CAG5KPzy3=F=iw9-omKizcrQ4N03cDABs3WE61+K_VfP=+XmQyw@mail.gmail.com>
Cc: "Rick van Rein \(OpenFortress\)" <rick@openfortress.nl>, openpgp@ietf.org, Phillip Hallam-Baker <hallam@gmail.com>, John Gilmore <gnu@toad.com>, "dane@ietf.org" <dane@ietf.org>
Subject: Re: [openpgp] [dane] Storing public keys in DNS or LDAP, or elsewhere

On Fri, 9 Aug 2013, Ben Laurie wrote:

> https://datatracker.ietf.org/doc/draft-ietf-appsawg-webfinger/

To get back somewhat to the openpgpkey dns record type....

The CERT record (RFC 4398) has a type for PGP (data is key blob) and IPGP
(data is URI pointer):

http://tools.ietf.org/html/rfc4398#section-2.1

Perhaps the openpgpkey draft can be generalised and obsolete RFC 4398. It
would allow storing user PKIX certificates in DNS as well as PGP keys (or
URIs to these, respectively).

Paul
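As an added illustration of the two CERT types the message contrasts (this is example code written for this page, not Paul's or the IETF's), the following builds and parses CERT RDATA for a PGP record carrying a key blob and an IPGP record carrying a fingerprint-plus-URI pointer. The mnemonics and the 2+2+1 octet header follow RFC 4398 section 2.1; the IPGP payload layout (length octet, fingerprint, URI) and the "zero algorithm implies zero key tag" check are my reading of RFC 4398 sections 3.3 and 2.1, not something stated on this page. All key bytes, fingerprints and URLs are constructed sample values.

```python
import base64
import struct

# CERT RR "type" mnemonics from RFC 4398 section 2.1.
CERT_TYPES = {1: "PKIX", 2: "SPKI", 3: "PGP", 4: "IPKIX", 5: "ISPKI",
              6: "IPGP", 7: "ACPKIX", 8: "IACPKIX", 253: "URI", 254: "OID"}
CERT_TYPE_IDS = {name: num for num, name in CERT_TYPES.items()}

def encode_cert_rdata(cert_type, key_tag, algorithm, data):
    """Wire-format RDATA: 2-octet type, 2-octet key tag, 1-octet algorithm, payload."""
    if isinstance(cert_type, str):
        cert_type = CERT_TYPE_IDS[cert_type]
    return struct.pack("!HHB", cert_type, key_tag, algorithm) + data

def decode_cert_rdata(rdata):
    """Parse wire-format RDATA; algorithm 0 means 'no DNSSEC key tag', so a
    non-zero key tag alongside it is malformed (my reading of RFC 4398 2.1)."""
    if len(rdata) < 5:
        raise ValueError("CERT RDATA shorter than its 5-octet fixed header")
    cert_type, key_tag, algorithm = struct.unpack("!HHB", rdata[:5])
    if algorithm == 0 and key_tag != 0:
        raise ValueError("key tag must be 0 when algorithm is 0")
    return {"type": CERT_TYPES.get(cert_type, cert_type), "key_tag": key_tag,
            "algorithm": algorithm, "data": rdata[5:]}

def to_presentation(rdata):
    """Zone-file form: type mnemonic, key tag, algorithm, base64 payload."""
    r = decode_cert_rdata(rdata)
    return "CERT %s %d %d %s" % (r["type"], r["key_tag"], r["algorithm"],
                                 base64.b64encode(r["data"]).decode("ascii"))

def encode_ipgp_payload(fingerprint, url):
    """IPGP payload (assumed layout): length octet, fingerprint (may be empty), URL."""
    if len(fingerprint) > 255:
        raise ValueError("fingerprint longer than 255 octets")
    return bytes([len(fingerprint)]) + fingerprint + url.encode("utf-8")

def decode_ipgp_payload(data):
    """Inverse of encode_ipgp_payload. The fingerprint is what lets a client check
    that the key it later fetches from the URL is the one the zone owner meant."""
    if not data or 1 + data[0] > len(data):
        raise ValueError("malformed IPGP payload")
    fp_len = data[0]
    return data[1:1 + fp_len], data[1 + fp_len:].decode("utf-8")

if __name__ == "__main__":  # constructed sample values, not a real key or fingerprint
    print(to_presentation(encode_cert_rdata("PGP", 0, 0, b"\x99\x00\x04fake")))
    print(to_presentation(encode_cert_rdata("IPGP", 0, 0, encode_ipgp_payload(
        bytes(range(20)), "https://keys.example/paul.asc"))))
```

Whether the record type is PGP or IPGP, the RDATA is only as trustworthy as the DNS answer it came in; without DNSSEC validation the blob or pointer is unauthenticated data.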