Yahoo releases internet standard draft for using DNS as public key server

Russell Nelson nelson at
Mon May 31 00:56:21 EDT 2004

Peter Gutmann writes:

If Alice and Cathy both implement STARTTLS, and Beatty does not, and
Beatty handles email which is ultimately sent to Cathy, then STARTTLS
accomplishes nothing.  If Uma and Wendy implement DomainKeys, and
Violet does not, and Violet handles email which is ultimately sent to
Wendy, then Wendy can check Uma's signature.

 > [ S/MIME uses huge ugly blobs of base64 crap, and context is
 > sufficient for authentication. ] So the consensus was not to sign
 > messages.

Before I could send the previous email, I had to tell Perry to accept
email from my outgoing email address because I'm subscribed to the
list under a list-specific email address.  If, instead, Perry had a
list of PGP keys and email addresses, he wouldn't *need* to compare
the email address on the incoming email.  He could just verify the
key.  Then, he could discard the signature, since everybody has
owner-cryptography+.* whitelisted anyway, right?

--My blog is at  | 
Crynwr sells support for free software  | PGPok | Bugs of a feather
521 Pleasant Valley Rd. | +1 315 268 1925 voice | flock together.
Potsdam, NY 13676-3213  | FWD# 404529 via VOIP  | 
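
Added example, not part of the original post: a small model of the relay argument above, contrasting per-connection STARTTLS with a sender signature checked against a DNS-published key. The host names, the selector "sel", the dict standing in for DNS and the toy textbook-RSA key are all assumptions made for illustration; real DomainKeys uses full-size RSA keys and canonicalized headers.

```python
import hashlib

# Constructed toy key: textbook RSA over two Mersenne primes. Illustration only, not secure.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

# Stand-in for DNS: the sending domain publishes its public key (names are assumptions).
DNS = {"sel._domainkey.uma.example": (N, E)}

def digest(body, n):
    """Hash the body and reduce it into the toy modulus."""
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % n

def sign(msg, selector, domain):
    """The sending domain attaches a signature over the body before the first hop."""
    sig = pow(digest(msg["body"], N), D, N)
    return dict(msg, sig=sig, key=f"{selector}._domainkey.{domain}")

def relay(msg, host, tamper=False):
    """A relay that knows nothing about signatures just carries them along."""
    body = msg["body"] + " (edited)" if tamper else msg["body"]
    return dict(msg, body=body, path=msg.get("path", []) + [host])

def verify(msg):
    """The final recipient checks the signature against the key found in DNS."""
    if "sig" not in msg or msg.get("key") not in DNS:
        return False
    n, e = DNS[msg["key"]]
    return pow(msg["sig"], e, n) == digest(msg["body"], n)

def starttls_covers_path(hosts, supports):
    """STARTTLS protects one SMTP connection; a link is covered only if both ends support it."""
    return all(supports[a] and supports[b] for a, b in zip(hosts, hosts[1:]))

def demo():
    # Alice -> Beatty -> Cathy: Beatty lacks STARTTLS, so the path is not covered.
    tls = starttls_covers_path(["alice", "beatty", "cathy"],
                               {"alice": True, "beatty": False, "cathy": True})
    # Uma -> Violet -> Wendy: Violet ignores the signature, Wendy still verifies it.
    signed = sign({"body": "hello Wendy"}, "sel", "uma.example")
    intact = verify(relay(signed, "violet"))
    altered = verify(relay(signed, "violet", tamper=True))
    return tls, intact, altered

if __name__ == "__main__":
    print(demo())
```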

The Cryptography Mailing List