On Apr 2, 2015, at 2:15 PM, Paul Wouters <p...@nohats.ca> wrote:

> On Thu, 2 Apr 2015, Paul Wouters wrote:
>
>> Right, and:
>>
>> (for email signing):
>> - must have the Digital Signature or Non-Repudiation OIDs as a Key Usage.
>>
>> (for email encryption):
>> - must have the Key Agreement or Data Encipherment OIDs as a Key Usage.
>>
>> So why add the dns complexity for _sign and _encrypt.
>
> Additionally, using the DNS prefix leaks the intent of the user. The DNS
> servers should not know whether or not a user is going to sign or
> encrypt.
I think that's a red herring. Either the user is worried about this, and we have the whole learning-intent-through-DNS-lookups problem (in which case I refer to an email I sent earlier today, which proposes to use URIs in SMIMEA certs at the apex of a zone), or not.

In any event, I really can't understand where there is clear gain to an adversary in knowing encr/sign over just the transmission of email, when the real protection is in the crypto being used _after_ keys are learned? By contrast, we get a lot of management and configurability gains by giving users these hooks.

Eric

_______________________________________________
dane mailing list
dane@ietf.org
https://www.ietf.org/mailman/listinfo/dane
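The Key Usage criteria quoted in this thread are enough to decide sign versus encrypt from the certificate itself, with no _sign/_encrypt label in the SMIMEA owner name. The following is an added example, not code from the thread or from any DANE/SMIMEA implementation: it parses the DER-encoded KeyUsage extension value (a BIT STRING, RFC 5280 section 4.2.1.3) without external libraries and maps the asserted bits to S/MIME roles. The sample extension values are constructed here. One deliberate addition beyond the quoted list: keyEncipherment is also treated as an encryption usage, because RSA key-transport S/MIME certificates carry that bit rather than dataEncipherment (RFC 5750 / RFC 8550).

```python
"""
Derive S/MIME roles (sign / encrypt) from an X.509 KeyUsage extension.

KeyUsage is a DER BIT STRING:  03 <len> <unused-bits> <bit bytes...>
Bit 0 is the most significant bit of the first content byte.
"""

# Bit positions defined in RFC 5280 section 4.2.1.3.
KEY_USAGE_BITS = {
    0: "digitalSignature",
    1: "nonRepudiation",   # a.k.a. contentCommitment
    2: "keyEncipherment",
    3: "dataEncipherment",
    4: "keyAgreement",
    5: "keyCertSign",
    6: "cRLSign",
    7: "encipherOnly",
    8: "decipherOnly",
}

# Criteria from the thread, plus keyEncipherment (RSA key transport, see lead-in).
SIGN_BITS = {"digitalSignature", "nonRepudiation"}
ENCRYPT_BITS = {"keyAgreement", "dataEncipherment", "keyEncipherment"}


def parse_key_usage(der: bytes) -> set:
    """Return the set of asserted KeyUsage bit names from a DER BIT STRING.

    Only the short (single-byte) length form is handled; a KeyUsage value
    is never longer than a few bytes. Trailing-zero-bit minimality is not
    enforced, but DER's rule that unused bits must be zero is.
    """
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length >= 0x80 or len(der) != 2 + length:
        raise ValueError("bad or unsupported BIT STRING length")
    unused = der[2]
    body = der[3:]
    if unused > 7 or (unused and not body):
        raise ValueError("invalid unused-bits count")
    if body and unused and body[-1] & ((1 << unused) - 1):
        raise ValueError("DER requires unused bits to be zero")
    total_bits = len(body) * 8 - unused
    names = set()
    for i in range(total_bits):
        if body[i // 8] & (0x80 >> (i % 8)):
            names.add(KEY_USAGE_BITS.get(i, f"bit{i}"))
    return names


def is_valid_key_usage(der: bytes) -> bool:
    """True if `der` parses as a well-formed KeyUsage BIT STRING."""
    try:
        parse_key_usage(der)
        return True
    except ValueError:
        return False


def smime_roles(key_usage_der) -> set:
    """Return the subset of {"sign", "encrypt"} the certificate may be used for.

    `None` means the extension is absent; RFC 5280 then imposes no
    restriction, so both roles are allowed.
    """
    if key_usage_der is None:
        return {"sign", "encrypt"}
    bits = parse_key_usage(key_usage_der)
    roles = set()
    if bits & SIGN_BITS:
        roles.add("sign")
    if bits & ENCRYPT_BITS:
        roles.add("encrypt")
    return roles


# Constructed sample extension values (hex of the DER BIT STRING).
SAMPLES = {
    "digitalSignature only":          bytes.fromhex("03020780"),
    "nonRepudiation only":            bytes.fromhex("03020640"),
    "keyAgreement only (ECDH/DH)":    bytes.fromhex("03020308"),
    "dataEncipherment only":          bytes.fromhex("03020410"),
    "digitalSignature+keyEncipherment (RSA dual-use)": bytes.fromhex("030205a0"),
    "keyCertSign+cRLSign (CA cert)":  bytes.fromhex("03020106"),
}

if __name__ == "__main__":
    for label, der in SAMPLES.items():
        print(f"{label:50s} -> {sorted(smime_roles(der))}")
```

A CA certificate with only keyCertSign and cRLSign yields an empty role set, which is the result a relying party wants: such a certificate must not be selected for either S/MIME purpose even if it is published under the user's SMIMEA name.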