On Mon, 1 Jun 2015, Stephan Bosch wrote:
>> While that would be nice, the problem is how you authenticate that to
>> your ISP or mail hoster, DNS hoster or DNS webgui interface.
>
> Well, I suppose using the same credentials used to read/send e-mail? For
> this, I am assuming the mail hoster is the same entity that controls the
> domain and can freely modify the _openpgpkey.mail.domain.tld zone. So this
> would mean that a DNS update results from a user's key publication request,
> as received from a yet-to-devise protocol that is authenticated using SASL
> with the same credentials as IMAP/POP3 and SMTP-submission. It could even be
> done from within those protocols with some extension, e.g. using IMAP
> METADATA.

While this works, you have now reduced the openpgpkey security to an
email password. Anyone with that password can now replace the
openpgpkey of the user. While it is a good starting point, there would
have to be more to secure it, for instance replacing could require
a signing by the old key of the new key (or manual intervention using
support@isp).

> I hope there is some common ground to be found. Otherwise, I fear this new
> technology could fail in terms of user/MUA adoption. Getting the key out
> there should be as easy as possible.

Agreed. And I think it would be useful to write another document on an
SMTP/IMAP extension for doing so. I don't think it should go into the
existing OPENPGPKEY DNS/DANE draft.

> Yes, but all of this would be provider-specific, which I think is bad.

Agreed it is terrible, but you'd want the openpgpkey to be somehow more
secure than an email password (reset).
Paul
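
The replacement rule suggested in the message above (a new key is accepted only if the old key has signed it), sketched as a provider-side check. This is an added example, not part of the original thread or of any draft: raw Ed25519 keys stand in for OpenPGP keys and certification signatures, and `Store`, `Publish`, `demo` and the mailbox are hypothetical names and constructed values.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Assumption: raw Ed25519 keys stand in for OpenPGP keys and certifications.
var (
	ErrBadKey        = errors.New("malformed public key")
	ErrNotAuthorized = errors.New("replacement not signed by the published key")
)

// Store maps a mailbox to its published key (hypothetical stand-in for the zone).
type Store map[string]ed25519.PublicKey

// Publish runs after the password (SASL) login has already succeeded.
// A first publication needs nothing more; a replacement also needs rollSig,
// a signature made with the OLD private key over the NEW public key.
func (s Store) Publish(mailbox string, newKey ed25519.PublicKey, rollSig []byte) error {
	if len(newKey) != ed25519.PublicKeySize {
		return ErrBadKey
	}
	if old, ok := s[mailbox]; ok && !ed25519.Verify(old, newKey, rollSig) {
		return ErrNotAuthorized
	}
	s[mailbox] = newKey
	return nil
}

// demo replays three constructed requests for one constructed mailbox.
func demo() (first, passwordOnly, owner error, rolled bool) {
	gen := func(b byte) (ed25519.PublicKey, ed25519.PrivateKey) {
		priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
		return priv.Public().(ed25519.PublicKey), priv
	}
	oldPub, oldPriv := gen(1)     // key currently published
	newPub, _ := gen(2)           // owner's replacement key
	otherPub, otherPriv := gen(3) // key of a requester who holds only the password
	s, mbox := Store{}, "alice@example.org"
	first = s.Publish(mbox, oldPub, nil)
	passwordOnly = s.Publish(mbox, otherPub, ed25519.Sign(otherPriv, otherPub))
	owner = s.Publish(mbox, newPub, ed25519.Sign(oldPriv, newPub))
	return first, passwordOnly, owner, bytes.Equal(s[mbox], newPub)
}

func main() { fmt.Println(demo()) }
```

A user who has lost the old private key cannot pass this check, which is the case the message leaves to manual intervention.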