On 11/27/2013 09:01 PM, Jeffrey Walton wrote: > Isn't the key distribution problem being pushed into DNS? The > underlying problem still exists.
Depends. If say someone ended up sampling the mail header field values seen over a lot of messages then exceptions to key continuity for mail service providers would perhaps be enough to flag potential MITM attacks on the TLS sessions, or "odd" MTAs popping up from nowhere, which are at least some of the goals here. So DKIM-level security could actually be quite useful in this case I reckon. S. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
