On Apr 2, 2015, at 1:12 PM, Viktor Dukhovni <[email protected]> wrote:
> On Thu, Apr 02, 2015 at 06:52:33PM +0200, Christian R??ner wrote: > >>> libsmaug uses these labels (as well as our soon-to-be available >>> provisioning portal). >> >> Just a question for ._encr and ._sign: >> >> Do you really plan to store private keys in public DNS? Is it, what ._sign >> will be used for? Isn?t this really a security issue? <snip> > To be honest, I don't expect encrypted messages in the mailbox to > ever be very popular, encrypted storage is just too inconvenient > for most users. End-to-end is good for live conversations, but > not so well suited to archived communication. We can try to make > it more usable for those willing to put up with the inconvenience, > but I would not really expect large-scale adoption. Actually, we’re seeing a lot of renewed interest in this. Issues ranging from the Sony incident, to APT threats in networks have seemed to be very motivating to a number of people in the security space. I think we all ought to be very worried about our data when it's at rest (i.e. controlling where and when our data/email/etc is encrypted, by whom, etc.). > That's a personal best guess of course, I am willing to be proved > wrong. We’ve been trying to validate with industry and are seeing the opposite, but I’m certain ymmv. Eric _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
