What happened to dot pro... (BTW)
Bradley Dunn
bradley at dunn.org
Mon Feb 2 04:05:14 UTC 2004
John R Levine wrote:
> A PGP or S/MIME signature assures you that the mail definitely came from
> the address it purports to come from, but it doesn't tell you whether that
> person is who you think it is. That's where limited access domains can
> help.
No actually a PGP signature assures you that a particular private key
was used to sign a message. It doesn't tell you whether that key belongs
to who you think it does. Thus you would verify the key fingerprint via
an out of band method (phone, in person, business card). I don't see how
a limited access domain helps in binding keys to people, unless the
registrars are going to start acting as CAs as well. Anyone can create a
PGP key with trustme at fubar.cpa.pro as an associated email address.
Bradley
More information about the NANOG
mailing list