Re: Automatic e-mail encryption

2014-07-22 Thread Mike Cardwell
* on the Mon, Jul 21, 2014 at 06:23:51PM +0200, Peter Lebbing wrote:
> By the way, regarding DANE as an alternative to the CA system: I think a proper implementation of authentication through DNS could well be way better than the CA system: at least you can only be screwed by people having

Re: Automatic e-mail encryption

2014-07-21 Thread MFPA
Hi

On Monday 21 July 2014 at 8:56:21 PM, in , Peter Lebbing wrote:
> I don't think this helps much authenticating one SMTP server to another. Even if it would be possible, they are usually operated by ISP's; I don't see them using the WoT f

Re: Automatic e-mail encryption

2014-07-21 Thread Doug Barton
On 07/21/2014 09:23 AM, Peter Lebbing wrote:
> By the way, regarding DANE as an alternative to the CA system: I think a proper implementation of authentication through DNS could well be way better than the CA system: at least you can only be screwed by people having access to signing keys for the r

Re: Automatic e-mail encryption

2014-07-21 Thread Peter Lebbing
On 21/07/14 21:15, MFPA wrote:
> Doesn't Monkeysphere [0] allow the use of the OpenPGP web of trust to authenticate certificates for TLS?

I don't think this helps much authenticating one SMTP server to another. Even if it would be possible, they are usually operated by ISP's; I don't see them us

Re: Automatic e-mail encryption

2014-07-21 Thread MFPA
Hi

On Monday 21 July 2014 at 5:23:51 PM, in , Peter Lebbing wrote:
> On 21/07/14 15:32, Mark H. Wood wrote:
>> Please remind me why we need an alternative to TLS.
> Well, I actually meant X.509 and the CA system, which is what is currently abu

Re: Automatic e-mail encryption

2014-07-21 Thread Peter Lebbing
On 21/07/14 15:32, Mark H. Wood wrote:
> Please remind me why we need an alternative to TLS.

Well, I actually meant X.509 and the CA system, which is what is currently abundantly used in SSL and TLS. If you plug in a different form of authentication, I think the rest is okay.

> I treat hop-by-hop

Re: Automatic e-mail encryption

2014-07-21 Thread Mark H. Wood
On Sat, Jul 19, 2014 at 02:26:44PM +0200, Peter Lebbing wrote:
> By the way: if we had a working alternative to SSL/TLS, all the mail servers could talk to each other securely without eavesdropping. That way

Please remind me why we need an alternative to TLS.

> the contents of e-mails is only ex

Re: Automatic e-mail encryption

2014-07-19 Thread Ingo Klöcker
Hi Peter, please do not send me direct replies. I am subscribed so reply-to-list is sufficient. (I wouldn't ask this of you if I'd receive two copies of your replies, but I only receive the direct replies and this means I cannot use reply-to-list. The mailing list is correctly configured, so I

Automatic e-mail encryption

2014-07-19 Thread Peter Lebbing
On 19/07/14 00:34, Ingo Klöcker wrote:
> Sure. But the NSA already knows the correspondents of all of our mail anyway. Keyserver lookups do not add any additional data

Pssh. What an argument. Please refrain from such useless rhetorics.

> But the keyserver (owner) has to be trustworthy anyway.