::scr tales from the crypto

Alex Robinson scr@thegestalt.org
Fri, 19 Apr 2002 23:05:44 +0100


  ** If I have to explain that quoting is fine

Well, rampant failure to prune quoting gets my goat as well; my 
obscurantist point was more the fact that the method for calculating 
is just cack and easily avoided and doesn't really tell anybody 
anything that isn't already directly and easily observable :)


  + 0.0 Sender looks up the recipient's public key id.
  ...
  >Of course all this depends on the first step of people registering
  >their keys with keyserver.net, or at least passing around their public
  >keys in some way which pleases them.

No, you seem to have missed my point. Firstly, that entails the sender 
rather than the software having to look up the key. Secondly, the 
private keys get stored locally - and then how do you know that the 
key is up-to-date?

OK, here's part of my scenario again.

Say the address is <scr@alex.cloudband.com>, then the client looks 
for it at (making up a new protocol as I go) keys://cloudband.com 
which either returns the key or passes the request on to the 
subdomain if so configured. People could, just like DNS, run their 
own keyserver or have somebody else host it or point to another 
server (hello keyserver.net). [0] Now the sender never has to bother 
looking for the key: it just happens transparently every time s|he 
sends an encrypted mail. Now, sometimes the keyserver may not be 
online; well, à la DNS, what's required is a secondary keyserver...

In addition, this has the advantage that no particular algorithm or 
encryption scheme has to be used but rather, like ssh (perhaps I'm 
wrong about this but this is how I understood it when I set it up on 
my machine), each exchange can negotiate whatever it wants (depending 
on the particular client being configured right), which means that 
people could even randomly cycle through multiple keys/algorithms 
(for even greater security) or, more realistically, have different 
levels of security so that people using weaker encryption can still 
communicate (with a user-configurable minimal level).

[0] Obviously there are issues of your keyserver being spoofed/hacked 
which would of course be as easy or as difficult as spoofing/hacking 
your domain. But keyserver.net surely suffers from the same problems, 
doesn't it? And how does keyserver.net prevent people posting false 
information in the first place?
http://www.keyserver.net/en/about.html is rather quiet on this 
subject and adds fuel to my argument that keyserver.net is exactly 
backwards. Propagating all the keys around all the servers rather 
than propagating which server the key is to be found on? Other people 
able to upload old versions of your key?
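
A toy in-memory model of the lookup sketched in this message, added here as an illustration and not part of the original post. The server table, field names, strength numbers, the two-label parent-domain rule and the hop limit are all assumptions; it shows fallback to a secondary, delegation to the subdomain, and refusing keys below the sender's minimum level.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Key:
    algo: str
    strength: int   # constructed ranking: higher is stronger
    material: str   # placeholder, not real key data

class KeyLookupError(Exception):
    pass

# Constructed sample "network" of keyservers; every name and field is hypothetical.
SERVERS = {
    "cloudband.com": {"up": False, "secondary": "ks2.cloudband.com"},
    "ks2.cloudband.com": {"up": True,
                          "delegate": {"alex.cloudband.com": "alex.cloudband.com"}},
    "alex.cloudband.com": {"up": True, "keys": {"scr@alex.cloudband.com": [
        Key("weak-algo", 1, "PLACEHOLDER-A"),
        Key("strong-algo", 3, "PLACEHOLDER-B")]}},
}

def query(host, address, hops=4):
    """Ask one keyserver; follow its secondary or its subdomain delegation."""
    if hops == 0:
        raise KeyLookupError("too many referrals (possible delegation loop)")
    server = SERVERS.get(host)
    if server is None:
        raise KeyLookupError(f"no keyserver at {host}")
    if not server["up"]:
        if "secondary" not in server:
            raise KeyLookupError(f"{host} is offline and has no secondary")
        return query(server["secondary"], address, hops - 1)
    if address in server.get("keys", {}):
        return server["keys"][address]
    target = server.get("delegate", {}).get(address.split("@", 1)[1])
    if target is None:
        raise KeyLookupError(f"{host} has no key or delegation for {address}")
    return query(target, address, hops - 1)

def lookup(address, min_strength):
    """Resolve the recipient's key for the sender, enforcing the sender's floor."""
    domain = address.split("@", 1)[1]
    parent = ".".join(domain.split(".")[-2:])  # assumption: naive two-label parent
    offered = query(parent, address)
    acceptable = [k for k in offered if k.strength >= min_strength]
    if not acceptable:  # fail closed instead of silently downgrading
        raise KeyLookupError("nothing offered at or above the minimum level")
    return max(acceptable, key=lambda k: k.strength)
```

The result is only as trustworthy as the servers in the referral chain, which is the spoofing concern raised in footnote [0].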