Yahoo releases internet standard draft for using DNS as public key server

Ed Gerck egerck at
Mon May 31 15:04:41 EDT 2004

Peter Gutmann wrote:
> The S/MIME list debated this some time ago, and decided (pretty much
> unanimously) against it, for two reasosn.  Firstly, because it adds huge ugly
> blobs of base64 crap to each message (and before the ECC fans leap in here,
> that still adds small ugly blobs of base64 crap to each message).  Secondly,
> because if you get a message from someone you know you'll be able to get a
> pretty good idea of its authenticity from the content (for example an SSH
> developer would be unlikely to be advocating SSL in a list posting), and if
> you get a message from someone you don't know then it's pretty much irrelevant
> whether it's signed or not.  So the consensus was not to sign messages.

What you're saying is that based on only *two* bits of information (e.g., SSH=1
and SSL=0) for a given mail sender, the message could be authenticated well-enough
to be useful in the operational context.

I agree with this and that's why I think that conventional digital signatures
with 1024-bit keys are an overkill for common email. If the ugly blob of base64
rubbish is small enough, it should be tolearable.

The problem with asymmetric keys, though, is that faking short signatures is
too trivial for current cryptosystems.

Ed Gerck

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list