📅 Original date posted:2015-07-14
📝 Original message:> If your email account is hacked and someone else gets a certificate in
> your name, you'd be unable to *know* about it, because they would use a
> different CA.
Maybe I am confused but I thought you are using DNSSEC to sign the zones
so only the domain owner could issue certificates for a zone (or
corresponding email address). If you have "example.com" the domain
owner of the domain would sign zone "joe.example.com" which can
correspond to the "joe at example.com" email address. Under this scenario
you would only have one CA per domain.
Russ
Milly Bitcoin [ARCHIVE] /
npub1rv…hc5wt
2023-06-07 15:42:06
in reply to nevent1q…n594
Author Public Key
npub1rv5ajnhgrc0wq3ulrk6tcjkgsaq8h4rs5rtsvrnklz4j0lw40egqphc5wtPublished at
2023-06-07 15:42:06Event JSON
{
"id": "409b410b7f27d44d4fb7c2099afe823fb88d865b10b70d217b1fc76bf5068c28",
"pubkey": "1b29d94ee81e1ee0479f1db4bc4ac887407bd470a0d7060e76f8ab27fdd57e50",
"created_at": 1686152526,
"kind": 1,
"tags": [
[
"e",
"2b792280c7c77e1a9146c50dbbc2a8f3336e57397d73b26f225d7fe35c48cd85",
"",
"root"
],
[
"e",
"74b3fa983b3ab18e3ee8c0e55968e7f2362d999bca4d0b7c2d03e334094fa12d",
"",
"reply"
],
[
"p",
"7a4ba40070e54012212867182c66beef592603fe7c7284b72ffaafce9da20c05"
]
],
"content": "📅 Original date posted:2015-07-14\n📝 Original message:\u003e If your email account is hacked and someone else gets a certificate in\n\u003e your name, you'd be unable to *know* about it, because they would use a\n\u003e different CA.\n\nMaybe I am confused but I thought you are using DNSSEC to sign the zones \nso only the domain owner could issue certificates for a zone (or \ncorresponding email address). If you have \"example.com\" the domain \nowner of the domain would sign zone \"joe.example.com\" which can \ncorrespond to the \"joe at example.com\" email address. Under this scenario \nyou would only have one CA per domain.\n\nRuss",
"sig": "4a0597522fd1d627e110b065f2db8048a2285646896052b0c6c2ceaedea3c999eaaa9354f6ee6ac03d98bbd7a29114498561478c5749b264f31eeffc44a62c41"
}