[Cryptography] DIME // Pending Questions // Seeking Your Input

Peter Fairbrother zenadsl6186 at zen.co.uk
Sat Mar 7 14:17:01 EST 2015

On 06/03/15 03:56, Christian Huitema wrote:
> As for the signets, that may be the most interesting contribution. If done
> right.

Well, it's a nice name. Whether there is anything good about them is a 
different matter - I haven't seen any evidence of that, but maybe it's 

> If we can indeed solve distribution of user keys, then lots of good things happen.

Indeed. But there is a very big IF in there ..

> But we have to keep it simpler than the initial DIME spec.

It's almost as if it was designed by NSA to leak as much information as 
possible, be hard to implement, and be easy to attack.

It leaks user details (the split signets).

It leaks MIME and other message details.

It requires new server software for existing email servers.

It requires a whole new new server infrastructure.

It requires a user to give out his real name to a CA in order to use it.

It requires a user to trust a server.

It requires a user to make security decisions the average user is 
incapable of.

It has a huge attack surface.

None of these are necessary in order to provide any of the advertised 
functionalities in DIME.

In short, it stinks.

-- Peter Fairbrother


More information about the cryptography mailing list