[Cryptography] [cryptography] Email encryption for the wider public

John Levine johnl at iecc.com
Wed Sep 17 16:35:33 EDT 2014


>I'm not sure I understand what problem you've just solved.  Senders still
>need to generate a keypair and encrypt their mail, receivers still need to
>decrypt their mail.  All you've done is remove key lookup and replaced it
>with a From: header.

Right, and you still have all the problems of key management, with a
new one that you have to change your e-mail address if you lose the
keys.

DANE (or an upcoming minor extension thereof) allows you to store the
public key for an e-mail address in the DNS.  That seems to me to have
somewhat more tractable key management issues, since a single key is
not eternally tied to an e-mail address.

R's,
John
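An added illustration, not part of the message above: a Python sketch of how the DANE OpenPGP binding later specified in RFC 7929 names the DNS record for an address, so a lost key is replaced in place while the address stays the same. `key_derived_address`, the toy `zone` dictionary and the key bytes are constructed stand-ins, not any scheme or data from this thread.

```python
import hashlib
import unicodedata

def openpgpkey_owner_name(address: str) -> str:
    """DNS owner name of the OPENPGPKEY record for an address (RFC 7929, section 3)."""
    local, sep, domain = address.rpartition("@")
    if not (sep and local and domain):
        raise ValueError(f"not an e-mail address: {address!r}")
    # Local-part: NFC-normalised UTF-8, no case folding, SHA-256 truncated to 28 octets.
    local = unicodedata.normalize("NFC", local)
    label = hashlib.sha256(local.encode("utf-8")).digest()[:28].hex()
    # DNS names compare case-insensitively, so lowercasing the domain is harmless.
    return f"{label}._openpgpkey.{domain.lower().rstrip('.')}"

def key_derived_address(public_key: bytes, domain: str) -> str:
    """Hypothetical stand-in for a scheme where the address is a function of the key."""
    return f"{hashlib.sha256(public_key).hexdigest()[:32]}@{domain}"

def replace_lost_key(zone: dict, address: str, new_key: bytes) -> str:
    """Publish a replacement key; the owner name depends only on the address."""
    owner = openpgpkey_owner_name(address)
    zone[owner] = new_key  # overwrite the old record in the toy zone
    return owner

def compare_key_loss(address: str, old_key: bytes, new_key: bytes) -> dict:
    """Contrast what a lost key costs under each approach."""
    domain = address.rpartition("@")[2]
    zone = {}
    first = replace_lost_key(zone, address, old_key)
    second = replace_lost_key(zone, address, new_key)
    return {
        "dane_owner_unchanged": first == second,
        "dane_published_key": zone[second],
        "dane_records": len(zone),
        "key_derived_address_changed":
            key_derived_address(old_key, domain) != key_derived_address(new_key, domain),
    }

if __name__ == "__main__":
    # Constructed sample values; the key bytes are placeholders, not real OpenPGP keys.
    print(openpgpkey_owner_name("hugh@example.com"))
    print(compare_key_loss("hugh@example.com", b"old-key-placeholder", b"new-key-placeholder"))
```

The lookup is only as trustworthy as the DNS answer, which is why DANE records are meant to be validated with DNSSEC.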


