Re: [Cryptography] Cryptographic mailto: URI
----- Forwarded message from Phillip Hallam-Baker <hallam@gmail.com> ----- Date: Fri, 20 Sep 2013 08:55:48 -0400 From: Phillip Hallam-Baker <hallam@gmail.com> To: Dirk-Willem van Gulik <dirkx@webweaving.org> Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com> Subject: Re: [Cryptography] Cryptographic mailto: URI On Fri, Sep 20, 2013 at 4:36 AM, Dirk-Willem van Gulik <dirkx@webweaving.org
wrote:
Op 19 sep. 2013, om 19:15 heeft Phillip Hallam-Baker <hallam@gmail.com> het volgende geschreven:
Let us say I want to send an email to alice@example.com securely. ... ppid:alice@example.com:example.net: Syd6BMXje5DLqHhYSpQswhPcvDXj+8rK9LaonAfcNWM ... example.net is a server which will resolve the reference by means of a simple HTTP query using the pattern http://<host>/.well-known/ppid/<hash> "Syd...NWM" is the Base64 hash of OID-SHA256 + SHA256(X) .. So to use this as a mechanism for ghetto key distribution receivers would add the URI into their account. Or let their PKI discovery agent do it for them.
We've been experimenting with much the same. With two twists. Basic principle is the same.
We use:
- <namespace>:<id>
as to keep it short. ID is currently a <sha1>; namespace is a 2-3 char identifier. We then construct with this a 'hardcoded' zone name:
<namespace>.fqdn-in-some-tld.
which is to have a (signed) entry for in DNS:
<id>.<ns>.<namespace>.fqdn-in-some-tld.
which is in fact a first-come, first-served secure dynamic dns updatable zone containing the public key.
Which once created allows only updating to those (still) having the private key of the public key that signed the initial claim of that <id>.
Interesting, though I suspect this is attempting to meet different trust requirements than I am. A couple of days ago I spoke with someone well known here who has seen the Snowden files. His take was that when the NSA has a choice of doing A or B it always does both. I think we need to adopt the same approach but in a way that lets all the various approaches work together. It should not be necessary for me to install five plug ins into Thunderbird to support five different flavors of researchy trust infrastructure. A better approach is to have one plug-in, or better native support for a connector to a Web Service that can then perform all the researchy trust infrastructure navigation on my behalf. The Web service can be shared between users and when there is a new researchy trust infrastructure proposed, all that is necessary to add it into the mix is to extend the Web Service and everyone using it can try out the new scheme and see if it is practical. This approach does introduce the risk that the web service might be compromised. Particularly if the client is unable to perform at least some degree of local validation on the keys. But the long term expectation would be that support for trust infrastructures that prove to be stable, widely used, and effective will eventually migrate into the client. At this point the experimental research question should be 'is this trust infrastructure practical'. We can get a very good idea of the security properties of the system by looking at how people use it and doing math. -- Website: http://hallambaker.com/ _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
participants (1)
-
Eugen Leitl