[Cryptography] Cryptographic mailto: URI
Dirk-Willem van Gulik
dirkx at webweaving.org
Mon Sep 23 04:09:28 EDT 2013
On 20 Sep 2013, at 14:55, Phillip Hallam-Baker <hallam at gmail.com> wrote:
> On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik <dirkx at webweaving.org> wrote:
>
> On 19 Sep 2013, at 19:15, Phillip Hallam-Baker <hallam at gmail.com> wrote:
>
> > Let us say I want to send an email to alice at example.com securely.
> ...
> > ppid:alice at example.com:example.net:Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM
> …
...
> <id>.<ns>.<namespace>.fqdn-in-some-tld.
>
> which is in fact a first-come, first-served secure dynamic dns updatable zone containing the public key.
>
> Which once created allows only updating to those (still) having the private key of the public key that signed the initial claim of that <id>.
>
> Interesting, though I suspect this is attempting to meet different trust requirements than I am.
Most likely. The aim was not so much to secure an entry - but to provide a sufficiently solid bread-crumb trail to the information which could be used to do so; to be able to use both 'trust on first contact' -or- a trust chain; and to provide 'low cost' yet very robust pillars that can be managed by 'untrusted' parties.
Or in other words - the design focused more on a workable trust infrastructure with the governance pushed as close to the (end) user as possible; at the expense of some 'absolute default' trust (absolute as in the sort of trust you'd get by default from 'some deity/government/big-mega-corp says I am good/interacting with a legal entity').
Dw.