[Cryptography] Cryptographic mailto: URI

Dirk-Willem van Gulik dirkx at webweaving.org
Mon Sep 23 04:09:28 EDT 2013


On 20 Sep 2013, at 14:55, Phillip Hallam-Baker <hallam at gmail.com> wrote:

> On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik <dirkx at webweaving.org> wrote:
> 
> On 19 Sep 2013, at 19:15, Phillip Hallam-Baker <hallam at gmail.com> wrote:
> 
> > Let us say I want to send an email to alice at example.com securely.
> ...
> > ppid:alice at example.com:example.net:Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM
>...
>         <id>.<ns>.<namespace>.fqdn-in-some-tld.
> 
> which is in fact a first-come, first-served secure dynamic dns updatable zone containing the public key.
> 
> Which once created allows only updating to those (still) having the private key of the public key that signed the initial claim of that <id>.
> 
> Interesting, though I suspect this is attempting to meet different trust requirements than I am.

Most likely. The aim was not so much to secure an entry - but to provide a sufficiently solid breadcrumb trail to the information which could be used to do so; to be able to use both 'trust on first contact' -or- a trust chain; and to provide 'low cost' yet very robust pillars that can be managed by 'untrusted' parties.

Or in other words - the design focused more on a workable trust infrastructure with the governance pushed as close to the (end) user as possible; at the expense of some 'absolute default' trust (absolute as in the sort of trust you'd get by default from 'some deity/government/big-mega-corp says I am good/interacting with a legal entity').

Dw.
