blob: 50df9747c974531c376f32970349dddf04ae7885 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
Return-Path: <milly@bitcoins.info>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 77B71AF3
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 14 Jul 2015 11:19:59 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mail.help.org (mail.help.org [70.90.2.18])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id DB28F112
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 14 Jul 2015 11:19:58 +0000 (UTC)
Received: from [10.1.10.25] (B [10.1.10.25]) by mail.help.org with ESMTPA
; Tue, 14 Jul 2015 07:19:53 -0400
To: bitcoin-dev@lists.linuxfoundation.org
References: <CA+w+GKQbOMz5nb_SnLB6Xb0FYzNZ_rEj5nbNjm2jY0+L8JJGAA@mail.gmail.com>
<55A4AF62.4090607@electrum.org>
From: Milly Bitcoin <milly@bitcoins.info>
Message-ID: <55A4F058.4020800@bitcoins.info>
Date: Tue, 14 Jul 2015 07:19:52 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101
Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <55A4AF62.4090607@electrum.org>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: Re: [bitcoin-dev] Proposal: extend bip70 with OpenAlias
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jul 2015 11:19:59 -0000
> If your email account is hacked and someone else gets a certificate in
> your name, you'd be unable to *know* about it, because they would use a
> different CA.
Maybe I am confused but I thought you are using DNSSEC to sign the zones
so only the domain owner could issue certificates for a zone (or
corresponding email address). If you have "example.com" the domain
owner of the domain would sign zone "joe.example.com" which can
correspond to the "joe@example.com" email address. Under this scenario
you would only have one CA per domain.
Russ
|