[cryptography] [Cryptography] Email is unsecurable

Stephen Farrell stephen.farrell at cs.tcd.ie
Wed Nov 27 16:06:47 EST 2013



On 11/27/2013 09:01 PM, Jeffrey Walton wrote:
> Isn't the key distribution problem being pushed into DNS? The
> underlying problem still exists.

Depends. If say someone ended up sampling the mail header
field values seen over a lot of messages then exceptions
to key continuity for mail service providers would perhaps
be enough to flag potential MITM attacks on the TLS
sessions, or "odd" MTAs popping up from nowhere, which are
at least some of the goals here.

So DKIM-level security could actually be quite useful in
this case I reckon.

S.


More information about the cryptography mailing list