Re: [exim] Domain Keys

Top Page
Delete this message
Reply to this message
Author: Magnus Holmgren
Date:  
To: exim-users
Subject: Re: [exim] Domain Keys
On Tuesday 10 April 2007 23:51, Arthur Hagen wrote:
> On Tue, 2007-04-10 at 23:27 +0200, Magnus Holmgren wrote:
> > And even if you can't trust that I am me, you can still be confident
> > that all
> > messages signed with this key come from the same person.
>
> That's another (and common) fallacy. That's only the case if the holder
> of the key can be trusted to keep the secret key confidential. When the
> holder of the key can't be trusted to his identity, that can't be
> trusted either.


It is in his own interest to keep it secret, and to have a revocation
certificate ready in case it's compromised. If that's not enough for you, you
really can't trust that person with anything, cryptographic or not.

-- 
Magnus Holmgren        holmgren@???
                       (No Cc of list mail needed, thanks)


"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans