[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [openpgp] public logging of e-mail certificates [was: Re: OpenPGP private certification]



On Wed 2015-04-01 14:56:16 -0400, Phillip Hallam-Baker wrote:
> The property we want to get from enrolling the endorsement in a log is
> to fix it in time. So we enroll the hash in the log rather than the
> endorsement itself.

It sounds to me like what you're aiming for with the log to make a
first-come, first-served arrangement, maybe as a way to distinguish the
"correct" original key from some latecomer spoof that tries to usurp it.
Is that correct?  (this is quite different from the goals of CT, as far
as i understand it)

If FCFS is your goal, how does a user of this scheme considering
multiple keys for e-mail address alice@xxxxxxxxxxx distinguish the
inevitable legitimate transitions from the would-be usurper?

Some examples of legitimate transitions:

 * Alice loses her personal root key due to fire/theft/flood/whatever

 * Example Corp. closes down, the example.com domain name goes up for
   sale, and the new owner is a different Alice.

(this is getting pretty far afield of openpgp at this point, i think, so
i'm happy to take this discusion someplace else (therightkey?) if you
prefer).

   --dkg

_______________________________________________
openpgp mailing list
openpgp@xxxxxxxx
https://www.ietf.org/mailman/listinfo/openpgp