What happened to dot pro... (BTW)

Bradley Dunn bradley at dunn.org
Mon Feb 2 04:05:14 UTC 2004


John R Levine wrote:
> A PGP or S/MIME signature assures you that the mail definitely came from
> the address it purports to come from, but it doesn't tell you whether that
> person is who you think it is.  That's where limited access domains can
> help.

No actually a PGP signature assures you that a particular private key 
was used to sign a message. It doesn't tell you whether that key belongs 
to who you think it does. Thus you would verify the key fingerprint via 
an out of band method (phone, in person, business card). I don't see how 
a limited access domain helps in binding keys to people, unless the 
registrars are going to start acting as CAs as well. Anyone can create a 
PGP key with trustme at fubar.cpa.pro as an associated email address.

Bradley



More information about the NANOG mailing list