- From: Kingsley Idehen <kidehen@openlinksw.com>
- Date: Tue, 25 Sep 2012 07:54:09 -0400
- To: Henry Story <henry.story@bblfish.net>
- CC: Warren Kumari <warren@kumari.net>, "public-webid@w3.org" <public-webid@w3.org>, IETF DANE WG list <dane@ietf.org>
- Message-ID: <50619B61.3060206@openlinksw.com>
On 9/25/12 3:21 AM, Henry Story wrote:
> Ref: http://tools.ietf.org/html/draft-hoffman-dane-smime-04
>
> On 21 Sep 2012, at 19:27, Warren Kumari <warren@kumari.net> wrote:
>
>> On Sep 10, 2012, at 5:25 PM, Warren Kumari <warren@kumari.net> wrote:
>>
>>> Dear WG,
>>>
>>> This draft has already revived some comment (and has been revised to incorporate / address those), so I'm assuming that there will be sufficient interest to adopt, but for the form of the thing:
>>>
>>> This starts a call for adoption of draft-hoffman-dane-smime.
>>> Please provide feedback as to if you would like this draft adopted by Sept 17th, 2012.
>> We have discussed this, and see sufficient interest for adopting this draft -- would the authors please re-submit as draft-dane-?
>
> On the whole, my view is that associating a public key to a user is better done by WebID http://webid.info/ (see spec http://webid.info/spec/). Putting that information in the DNS misses out on a lot of other information you would like to have about a user, is difficult to read, write, and on the whole is very cumbersome. The reason for putting public keys of servers in the DNS is that servers tend not to change that much, there tend to not be that many services per domain, etc...
>
> There are proposals of using the WebID public keys for MIME on the WebID community group.
>
> Henry
>
>> W
>>
>>> W
>>>
>>> --
>>> Never criticize a man till you've walked a mile in his shoes. Then if he didn't like what you've said, he's a mile away and barefoot.
>>>
>> _______________________________________________
>> dane mailing list
>> dane@ietf.org
>> https://www.ietf.org/mailman/listinfo/dane
> Social Web Architect
> http://bblfish.net/
>

Henry,

S/MIME and WebID work together very well. That's something we've long implemented. Notice the certificate used to sign this mail :-)

To conclude, WebID is another option with finer granularity and more distributed control (no DNS admin access privileges required, just own a profile document) re., mail sender identity verification.

--
Regards,

Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Tuesday, 25 September 2012 11:56:16 UTC