[Cryptography] Strong DNS Names

Tom Mitchell mitch at niftyegg.com
Fri Sep 9 15:04:13 EDT 2016

On Wed, Sep 7, 2016 at 2:47 PM, Tom Mitchell <mitch at niftyegg.com> wrote:

> On Wed, Sep 7, 2016 at 1:01 AM, Phill <hallam at gmail.com> wrote:
>> A while ago, I proposed a new form of ‘strong email address’ that
>> combined a PGP fingerprint like identifier with an email address:
>> MB2GK-6DUF5-YGYYL-JNY5E?alice at example.com
>> The idea of this scheme is that MB2GK-6DUF5-YGYYL-JNY5E is the
>> fingerprint of a key under which a policy
> It is interesting that Google's Gmail allows a name+suffix.
> Filters allow binning of the messages.

I should note that as important as domain security is the key issue is
end to end for the message and user identity.  The Gmail  email system of
has a billion users and gmail.com  to gmail.com would not see improved
security because
both ends are under a single management...  Same big numbers apply inside

The number of domain MX records pointing into Google services is extensive.

Which reminds me that MX records opens man in the middle issues with
ease with the store and forward protocol of mail.

Some connectivity validation does happen with mail now.
DKIM-Signature: v=1; a=rsa-sha256;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com;
       spf=pass (google.com: domain of

  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160909/d23ab120/attachment.html>

More information about the cryptography mailing list