On Mon, 20 Jul 2015, Wiley, Glen wrote:
Which they'll also learn by just looking at the zone data, if the
localparts are not hashed in the final spec.
Has there been any recent discussion about using a non-hashed LHS
encoding? I don¹t think there has so we probably don¹t want to bring
that question into scope here.
There was some interested by the powerdns people for this, as they
implement an online signer and could deliver custom signed responses.
John Levine also prefered this approach in the past.
While I think the non-hash version is uglier, I don't think that is
a valid reason not to do it.
I'd be more concerned above passive monitoring, because with
submission over port 587 with TLS, and forward hops from the MSA
to the destination also increasingly over TLS, there is often at
present no cleartext exposure of the envelope recipients.
With SMIMEA, passive monitoring of DNS queries will often reveal
the correspondent addresses.
Obvious but worth a reminderŠpassive monitoring isn¹t a problem peculiar
to the SMIMEA approach, it is an issue for all elements of the email flow
that are not encrypted.
I am assuming that SMTP traffic will be TLS for the majority, either
authenticated or opportunistic. So I think the concern is somewhat
valid. But we did say that the hash was not a security meassure. If we
are going to use it as a security meassure we might have to think about
making it stronger.
Paul
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
