On 11/27/2013 09:29 PM, Nico Williams wrote: > > Viktor Dukhovni says that anything like DKIM/SPF is bound to fail. > > One problem is confusables: users can't really distinguish them, and > some can be counted on just doing whatever it takes to give their money > to the phisher, no matter what. In other words, the problem with e-mail > is that strangers can start conversations with you. (Whereas with web > services you start the conversations with them, which is not as big a > problem.)
I'm not talking about MUAs at all here though. On 11/27/2013 09:24 PM, Natanael wrote: > So, Convergence/Perspectives done on email headers? > Almost. (I'm sure we could throw in a twist of CT too to keep Ben happy:-) But not with the goal of verifying web server public keys. In this case we want to verify that the same TLS master secret got used on each side of each TLS hop, even for anon-DH. But I think is interesting to do that even at the level where all we can detect a pervasive attack, either due to different TLS master secrets where they should be the same or else because of additional unexpected or untraceable hops. (Maybe more is achievable but that's the attack I'm thinking of right now.) Mind you, even if it'd be ok crypto-wise, I'd not be surprised if it falls down for some mail reason. S. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
