[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ::scr tales from the crypto



** If I have to explain that quoting is fine

Well rampant failure to prune quoting gets my goat as well, my obscurantist point was more the fact that the method for calculating is just cack and easily avoided and doesn't really tell anybody anything that isn't already directly and easily observable :)


+ 0.0 Sender looks up the recipients public key id. ... >Of course all this depends on the first step of people registering >their keys with keyserver.net, or at least passing around their public >keys in some way which pleases them.

No, you seem to have missed my point. Firstly that entails the sender rather than the software having to look up the key. Secondly the private keys get stored locally - and then how do you know that the key is up-to-date?

OK, here's part of my scenario again.

Say the address is <scr@xxxxxxxxxxxxxxxxxx>, then the client looks for it at (making up a new protocol as I go) keys://cloudband.com which either returns the key or passes the request on to the subdomain if so configured. People could, just like dns, run their own keyserver or have somebody else host it or point to another server (hello keyserver.net). [0] Now the sender never has to bother looking for the key: it just happens transparently every time s|he sends an encrypted mail. Now, sometimes the keyserver may not be online, well a la dns, what's required is a secondary keyserver...

In addition this has the advantage that no particular algorithm or encryption scheme has to be used but rather like ssh (perhaps I'm wrong about this but this is how I understood it when I set it up on my machine) each exchange can negotiate whatever it wants (depending on the particular client being configured right) which means that people could even randomly cycle through multiple keys/algorithms (for even greater security) or more realistically have different levels of security so that people using weaker encryption can still communicate (with a user-configurable minimal level).

[0] Obviously there are issues of your keyserver being spoofed/hacked which would of course be as easy or as difficult as spoofing/hacking your domain. But keyserver.net surely suffers from the same problems, doesn't it? And how does keyserver.net prevent people posting false information in the first place?
http://www.keyserver.net/en/about.html is rather quiet on this subject and adds fuel to my argument that keyserver.net is exactly backwards. Propagating all the keys around all the servers rather than propagating which server the key is to be found on? Other people able to upload old versions of your key?