Yahoo releases internet standard draft for using DNS as public key server

Russell Nelson nelson at
Sat May 29 23:15:14 EDT 2004

 > also sprach Ed Gerck <egerck at> [2004.05.28.1853 +0200]:
 > > It's "industry support". We know what it means: multiple,
 > > conflicting approaches, slow, fragmented adoption --> will not
 > > work.

In other words .... change.  If you have any alternatives to change,
please describe them.  Ollivander's wand shop is not available in this

 > > It would be better if the solution does NOT need industry
 > > support at all, only user support. It should use what is already
 > > available.

This is the point in the script at which I laugh at you, Ed.  S/MIME
and PGP have been available for many many years now.  How many
messages to the Cryptography Mailing List are cryptographically
signed?  If it was going to happen, it would have *already* happened.

martin f krafft writes:
 >   - The technology is too complex to be grasped. users may be able
 >     to select encryption in their GUI, but they fail to understand
 >     the consequences. This is especially problematic on the receiver
 >     side, because no standard user knows how to handle a BAD
 >     SIGNATURE alert.

Yup.  That's why I think that the MTA that checks the signature should
surround the RFC2822 address comment with '?' if the signature is
missing or bad.  If the email lacks a valid signature, you really
*don't* know who it's from, so the question marks are simply telling
the truth.

 >   - The infrastructure is not there. Two standards compete for email
 >     cryptography, and both need an infrastructure to back them up.

Two standards?  DomainKeys and what else?

--My blog is at  | 
Crynwr sells support for free software  | PGPok | Bugs of a feather
521 Pleasant Valley Rd. | +1 315 268 1925 voice | flock together.
Potsdam, NY 13676-3213  | FWD# 404529 via VOIP  | 

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list