::scr tales from the crypto
Alex Robinson
scr@thegestalt.org
Fri, 19 Apr 2002 23:05:44 +0100
** If I have to explain that quoting is fine
Well rampant failure to prune quoting gets my goat as well, my
obscurantist point was more the fact that the method for calculating
is just cack and easily avoided and doesn't really tell anybody
anything that isn't already directly and easily observable :)
+ 0.0 Sender looks up the recipients public key id.
...
>Of course all this depends on the first step of people registering
>their keys with keyserver.net, or at least passing around their public
>keys in some way which pleases them.
No, you seem to have missed my point. Firstly that entails the sender
rather than the software having to look up the key. Secondly the
private keys get stored locally - and then how do you know that the
key is up-to-date?
OK, here's part of my scenario again.
Say the address is <scr@alex.cloudband.com>, then the client looks
for it at (making up a new protocol as I go) keys://cloudband.com
which either returns the key or passes the request on to the
subdomain if so configured. People could, just like dns, run their
own keyserver or have somebody else host it or point to another
server (hello keyserver.net). [0] Now the sender never has to bother
looking for the key: it just happens transparently every time s|he
sends an encrypted mail. Now, sometimes the keyserver may not be
online, well a la dns, what's required is a secondary keyserver...
In addition this has the advantage that no particular algorithm or
encryption scheme has to be used but rather like ssh (perhaps I'm
wrong about this but this is how I understood it when I set it up on
my machine) each exchange can negotiate whatever it wants (depending
on the particular client being configured right) which means that
people could even randomly cycle through multiple keys/algorithms
(for even greater security) or more realistically have different
levels of security so that people using weaker encryption can still
communicate (with a user-configurable minimal level).
[0] Obviously there are issues of your keyserver being spoofed/hacked
which would of course be as easy or as difficult as spoofing/hacking
your domain. But keyserver.net surely suffers from the same problems,
doesn't it? And how does keyserver.net prevent people posting false
information in the first place?
http://www.keyserver.net/en/about.html is rather quiet on this
subject and adds fuel to my argument that keyserver.net is exactly
backwards. Propagating all the keys around all the servers rather
than propagating which server the key is to be found on? Other people
able to upload old versions of your key?