On 27 November 2013 21:50, Stephen Farrell <[email protected]>wrote:
> > > On 11/27/2013 09:29 PM, Nico Williams wrote: > > > > Viktor Dukhovni says that anything like DKIM/SPF is bound to fail. > > > > One problem is confusables: users can't really distinguish them, and > > some can be counted on just doing whatever it takes to give their money > > to the phisher, no matter what. In other words, the problem with e-mail > > is that strangers can start conversations with you. (Whereas with web > > services you start the conversations with them, which is not as big a > > problem.) > > I'm not talking about MUAs at all here though. > > On 11/27/2013 09:24 PM, Natanael wrote: > > So, Convergence/Perspectives done on email headers? > > > > Almost. (I'm sure we could throw in a twist of CT too to > keep Ben happy:-) > I am, of course, ecstatic. > > But not with the goal of verifying web server public keys. > In this case we want to verify that the same TLS master > secret got used on each side of each TLS hop, even for > anon-DH. But I think is interesting to do that even at > the level where all we can detect a pervasive attack, > either due to different TLS master secrets where they > should be the same or else because of additional > unexpected or untraceable hops. (Maybe more is achievable > but that's the attack I'm thinking of right now.) > Surely what you want to verify is that the key you saw is the key the domain owner intended to publish? > > Mind you, even if it'd be ok crypto-wise, I'd not be > surprised if it falls down for some mail reason. > > S. > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography >
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
