[Freedombox-discuss] Should the box do DANE for PGP?

Subject: [Freedombox-discuss] Should the box do DANE for PGP?
From: sandyinchina@gmail.com (Sandy Harris)
Date: Fri, 5 Aug 2016 15:49:53 -0400
Message-id: <[🔎] CACXcFmnaOOvqcZJ6oeBniCont3N9zCksy1kzVYS2qY_s==03Sg@mail.gmail.com>

The draft for authenticating PGP keys via DANE (DNS Authentication of
Named Entities) has just become an RFC. Unfortunately it took three
years and it is tagged as "experimental" rather than "standards
track", but at least it is now available.
https://tools.ietf.org/html/rfc7929

This would let far more Box users send & receive PGP-encrypted
messages, so I'd say it is obviously a Good Thing, worth adding to Box
software.

On the down side, it is not entirely secure without DNS-sec. Nor are
FreeS/WAN descendants which rely on DNS for authentication in IPsec.
Do we have any plan for the infrastructure to do DNS-sec on the Box?

Reply to:

Prev by Date: [Freedombox-discuss] Nighlies for Raspberry old ?
Next by Date: [Freedombox-discuss] Freedombox backup + encryption
Previous by thread: [Freedombox-discuss] Nighlies for Raspberry old ?
Next by thread: [Freedombox-discuss] Freedombox backup + encryption
Index(es):
- Date
- Thread