Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-28 Thread Fabio Pietrosanti (naif)
On 11/27/13, 10:01 PM, Jeffrey Walton wrote: The problem with DANE is the lack of DNSSEC. If we had both [...] When I refer to DANE, I also mean that DNSSEC must be there. We're getting there. Isn't the key distribution problem being pushed into DNS? The underlying problem still

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Nico Williams
On Mon, Nov 25, 2013 at 09:51:41PM +, Stephen Farrell wrote: New work on improving hop-by-hop security for email and other things is getting underway in the IETF. [1] Basically the idea I see nothing in the proposed charter you linked to about hop-by-hop security. I could imagine something

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Nico Williams
On Wed, Nov 27, 2013 at 06:02:08PM +, Stephen Farrell wrote: On 11/27/2013 05:42 PM, Nico Williams wrote: On Mon, Nov 25, 2013 at 09:51:41PM +, Stephen Farrell wrote: New work on improving hop-by-hop security for email and other things is getting underway in the IETF. [1] Basically

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Stephen Farrell
Hiya, On 11/27/2013 06:58 PM, Nico Williams wrote: I could imagine something like Received headers to document how each SMTP (and SUBMIT) end-point was authenticated (if they were) along a mail transfer path. This would be of some utility, particularly for *short* paths

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Nico Williams
On Wed, Nov 27, 2013 at 08:01:19PM +, Stephen Farrell wrote: On 11/27/2013 06:58 PM, Nico Williams wrote: [...] I'm not sure detecting the path length in terms of ADMDs is so easy, not so useful in terms of MTAs (with all the spam checking Sure it is! Nowadays the path should

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Jeffrey Walton
On Wed, Nov 27, 2013 at 3:34 PM, Nico Williams n...@cryptonector.com wrote: On Wed, Nov 27, 2013 at 08:01:19PM +, Stephen Farrell wrote: On 11/27/2013 06:58 PM, Nico Williams wrote: [...] The problem with DANE is the lack of DNSSEC. If we had both [...] When I refer to DANE, I also

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Stephen Farrell
On 11/27/2013 09:01 PM, Jeffrey Walton wrote: Isn't the key distribution problem being pushed into DNS? The underlying problem still exists. Depends. If say someone ended up sampling the mail header field values seen over a lot of messages then exceptions to key continuity for mail service

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Natanael
So, Convergence/Perspectives done on email headers? - Sent from my phone On 27 Nov 2013 22:07, Stephen Farrell stephen.farr...@cs.tcd.ie wrote: On 11/27/2013 09:01 PM, Jeffrey Walton wrote: Isn't the key distribution problem being pushed into DNS? The underlying problem still exists.

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Nico Williams
Viktor Dukhovni says that anything like DKIM/SPF is bound to fail. One problem is confusables: users can't really distinguish them, and some can be counted on just doing whatever it takes to give their money to the phisher, no matter what. In other words, the problem with e-mail is that

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-27 Thread Stephen Farrell
On 11/27/2013 09:29 PM, Nico Williams wrote: Viktor Dukhovni says that anything like DKIM/SPF is bound to fail. One problem is confusables: users can't really distinguish them, and some can be counted on just doing whatever it takes to give their money to the phisher, no matter what. In

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-26 Thread ianG
On 26/11/13 03:03 AM, coderman wrote: On Mon, Nov 25, 2013 at 1:51 PM, Stephen Farrell stephen.farr...@cs.tcd.ie wrote: ... Personally, I'm not at all confident that we can do something that provides end-to-end security, can be deployed at full Internet scale and is compatible with today's

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-26 Thread c1cc10
If we're discussing this topic it is because of people. Emails are one of people's needs: as techies we could create and use any other fancy communication means and not bother. So if we want to bring a new communication infrastructure for everybody we cannot jump over the existing one, which

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-26 Thread Natanael
That can really only be solved by gateways, IMHO. It's the only way to talk between the systems that don't put limits on how secure either one can be. - Sent from my phone On 26 Nov 2013 16:09, c1cc10 r...@isolved.it wrote: If we're discussing this topic it is because of people. Emails

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread Natanael
Say hello to Bote mail on I2P. I2P provides encrypted anonymizing networking, Bote mail provides DHT based serverless encrypted mailing with public crypto keys as addresses (ECDSA or NTRU). http://i2p2.de and i2pbote.i2p (if you don't have I2P installed, add .us to visit it via an inproxy).

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread grarpamp
On Mon, Nov 25, 2013 at 1:01 AM, ianG i...@iang.org wrote: On 23/11/13 15:30 PM, Ralf Senderek wrote: On Sat, 23 Nov 2013, David Mercer wrote: But of course you're right about actual current usage, encrypted email is an epic fail on that measure regardless of format/protocol. Yes, but it's

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread Fabio Pietrosanti (naif)
I'm strongly against most of the ideas to abandon current email systems, because the result will be to create a walled garden. We need something interoperable with existing systems or the system will just be used by a bunch of paranoid people or fostered by the marketing of few cryptography company

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread Natanael
And there's your problem - you can at best only add gateways/proxies, you can't actually improve the existing protocols in any meaningful way. - Sent from my phone On 25 Nov 2013 21:09, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote: I'm strongly against most of the ideas to abandon

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread Stephen Farrell
On 11/25/2013 08:09 PM, Fabio Pietrosanti (naif) wrote: Let's first cut-off the massive passive traffic analysis, then improve current systems to provide some added protection against metadata, focusing in a far future, when the new system got already wide adoption, make it perfect. New

Re: [cryptography] [Cryptography] Email is unsecurable

2013-11-25 Thread coderman
On Mon, Nov 25, 2013 at 1:51 PM, Stephen Farrell stephen.farr...@cs.tcd.ie wrote: ... Personally, I'm not at all confident that we can do something that provides end-to-end security, can be deployed at full Internet scale and is compatible with today's email protocols. But if others are more