> On Apr 12, 2017, at 12:19 PM, Paul Wouters <p...@nohats.ca> wrote:
> 
>> That being said, the suggestion of using 2 1 1 or even 2 0 0 entries may 
>> give the privacy I seek.
> 
> It will, but you will then have to come up with a lookup system to find
> the SMIME cert for a given user.

No lookup system required, the certificate comes along with any signed
reply to the first contact message.  If that message is signed, then
the reply can also be encrypted.

> If I want to email you without having prior contact, how do I find
> your SMIME cert?

You don't, and this is a feature, because Alice did not want S/MIME
certificate publication to be an easy anti-spam/anti-virus filter
bypass mechanism.  With "SMIME 2 1 1 ..." first contact is in the
clear.

> Sure, if you email me you can attach it, but then the problem moves
> from me to you on the first email message.

1. Alice sends Bob a signed message:

   - Bob can use the "SMIMEA 2 1 1" record of Alice's domain to
     verify the signature on Alice's message.  Bob caches Alice's
     public key (certificate).

   - Bob can now use Alice's public key to encrypt replies.

2. Bob sends a signed (optionally encrypted) reply to Alice.

   - Alice can use the "SMIMEA 2 1 1" record of Bob's domain to
     verify the signature on Bob's message.  Alice caches Bob's
     public key (certificate).

   - Alice can now use Bob's public key to encrypt replies.

Lack of support for encryption on first contact can be seen as a
feature, not a bug.

-- 
        Viktor.
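An added worked example, not part of Viktor's message or of any DANE implementation: the DNS side of the two-step exchange described above in Python, using RFC 8162 owner-name derivation and record matching over constructed zone data. The per-domain wildcard "2 1 1" layout, the placeholder SPKI byte strings and the stdlib-only matching are assumptions; signature and chain validation of the attached certificates is left to the S/MIME library.

```python
import hashlib

# Constructed placeholder DER bytes (not real certificates).
CA_COM_SPKI = b"constructed-spki-example-com-ca"
CA_NET_SPKI = b"constructed-spki-example-net-ca"
ALICE_SPKI, BOB_SPKI = b"constructed-spki-alice", b"constructed-spki-bob"

# Constructed zone data: one wildcard "2 1 1" record per domain (assumed layout),
# publishing only the SHA-256 of the issuing CA's SubjectPublicKeyInfo.
ZONE = {
    "*._smimecert.example.com": [(2, 1, 1, hashlib.sha256(CA_COM_SPKI).hexdigest())],
    "*._smimecert.example.net": [(2, 1, 1, hashlib.sha256(CA_NET_SPKI).hexdigest())],
}

def smimea_owner_name(addr):
    """RFC 8162 owner name: SHA-256 of the local part, truncated to 28 octets (56 hex)."""
    local, domain = addr.rsplit("@", 1)
    return hashlib.sha256(local.encode()).hexdigest()[:56] + "._smimecert." + domain

def lookup_smimea(zone, addr):
    """Per-user record if published, otherwise the domain-level wildcard."""
    domain = addr.rsplit("@", 1)[1]
    return zone.get(smimea_owner_name(addr)) or zone.get("*._smimecert." + domain, [])

def association_data(selector, mtype, cert_der, spki_der):
    data = cert_der if selector == 0 else spki_der      # 0 = full cert, 1 = SPKI
    if mtype == 0:
        return data.hex()                               # exact match
    return {1: hashlib.sha256, 2: hashlib.sha512}[mtype](data).hexdigest()

def verify_sender(zone, addr, chain, cache):
    """chain: [(cert_der, spki_der), ...] leaf first, as attached to the signed mail.
    Usage 0/2 must match an issuer in the chain; usage 1/3 must match the leaf.
    Signature/chain validation itself is left to the S/MIME library."""
    for usage, sel, mtype, rdata in lookup_smimea(zone, addr):
        candidates = chain[:1] if usage in (1, 3) else chain[1:]
        if any(association_data(sel, mtype, c, s) == rdata for c, s in candidates):
            cache[addr] = chain[0]          # keep the peer's cert for encrypted replies
            return True
    return False

def first_contact(zone, alice, alice_chain, bob, bob_chain):
    """Steps 1 and 2 from the message: each side verifies the other's signed mail."""
    bob_cache, alice_cache = {}, {}
    ok = verify_sender(zone, alice, alice_chain, bob_cache)       # Bob checks Alice's mail
    ok = verify_sender(zone, bob, bob_chain, alice_cache) and ok  # Alice checks the reply
    return ok, bob_cache, alice_cache
```

Because only the CA key hash is in DNS, nobody can fetch Alice's certificate from the zone; Bob obtains it from her signed first message, which is the privacy property discussed in the thread.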

_______________________________________________
dane mailing list
dane@ietf.org
https://www.ietf.org/mailman/listinfo/dane
