> -----Original Message----- > From: dane [mailto:[email protected]] On Behalf Of Paul Wouters > > On Wed, 5 Aug 2015, Carsten Strotmann wrote: > > > for OPENPGPKEY/SMIMECERT zones, operators could (maybe SHOULD) use > > NSEC/NSEC3 "narrow" signing to prevent "zone-walking". > > email addresses are not secret. That is not the privacy you can protect > at all. Anyone can either do a internet search or just attempt to > deliver an email to figure out if the email address is valid.
Disagree! This really depends on the person and scenarios. For some people maybe it is not a problem to share their email addresses or put them on their public websites because it is a part of their job. For example a company shares its email to others so that other can contact them. But for someone like a president of a country or a politician it is important because a criminal can bug them by threatening them, try to hack their email by sending messages with fake links to do phishing attack or send codes inside html body of the email to access their computer and infect it. Therefore, from privacy point of view, as much information as I can have about a victim, the chance of attack is higher. > The only realy privacy concern is learning who is querying, meaning who > is interested in mailing a particular user - assuming everything else > on the email path is secureb by TLS, and the domain is large enough to > actually hide the userbase (that is, nohats.ca is already a lost cause, > because everyone knows a TLS connection to mx.nohats.ca means you are > going to email me) Nope, some people who really care about their privacy uses different emails for different purposes (business, family, friends). > > Breaking hashes requires much more "willful intent" than decoding > BASE32. > > But that difference these days is basically zero as soon as someone > puts up a module for johntheripper or hashcat or something on github. Again disagree. Hosnieh _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
