[Cryptography] Strong DNS Names
Tom Mitchell
mitch at niftyegg.com
Fri Sep 9 15:04:13 EDT 2016
On Wed, Sep 7, 2016 at 2:47 PM, Tom Mitchell <mitch at niftyegg.com> wrote:
> On Wed, Sep 7, 2016 at 1:01 AM, Phill <hallam at gmail.com> wrote:
>
>> A while ago, I proposed a new form of ‘strong email address’ that
>> combined a PGP fingerprint like identifier with an email address:
>>
>> MB2GK-6DUF5-YGYYL-JNY5E?alice at example.com
>>
>> The idea of this scheme is that MB2GK-6DUF5-YGYYL-JNY5E is the
>> fingerprint of a key under which a policy
>>
>
> It is interesting that Google's Gmail allows a name+suffix.
> Filters allow binning of the messages.
>
I should note that as important as domain security is the key issue is
end to end for the message and user identity. The Gmail email system of
address
has a billion users and gmail.com to gmail.com would not see improved
security because
both ends are under a single management... Same big numbers apply inside
Facebook
messaging...
The number of domain MX records pointing into Google services is extensive.
Which reminds me that MX records opens man in the middle issues with
ease with the store and forward protocol of mail.
Some connectivity validation does happen with mail now.
DKIM-Signature: v=1; a=rsa-sha256;
Authentication-Results: mx.google.com;
dkim=pass header.i=@gmail.com;
spf=pass (google.com: domain of
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160909/d23ab120/attachment.html>
More information about the cryptography
mailing list