Discuss mailing list

[Erich Eckner <opennic AT eckner.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Thu, 28 May 2020, Walter H. wrote:

> On 28.05.2020 17:49, Erich Eckner wrote:
> > On Wed, 27 May 2020, Walter H. wrote:
> >
> > > There is a simple solution for this problem ...
> > >
> > > as soon as it possible to receive E-mails from everyone even on a OpenNIC 
> > > domain,
> > > e.g.    hugo AT hello.reg.libre SSL/TLS is not the problem ...
> >
> > Sending and receiving emails from/to opennic tlds is possible and always 
> > was
>
> then try sending me an E-mail using an E-mail-Adress of an OpenNIC domain?

If you tell me your email address, I'll send to your opennic address. My 
mail server can resolve opennic tlds, too - and I have no doubt, that it 
will deliver to these domeins, too.

> OpenNIC is a parallel universe to the global DNS operated by IETF/IANA/...;

Yes, I'm aware of this. That's why I asked, how you intend to distribute 
certificates via email. As stated above, if properly configured, mail 
servers can trivially send to opennic domains.

> > - but I doubt the usability of that, because big email providers like gmail 
> > will most certainly not evaluate the email domain as valid.
> nearly no mail server accepts an OpenNIC email domain as valid ...
> > How would you distribute certificates via email?
>
> how would you S/MIME sign an email using any OpenNIC domain as sender 
> and not assuming that the recipient has installed anything 3rd party?

Ah, you are talking about getting certificates to be *used* on opennic 
domains for email? Then I misunderstood your first email, sry.

> you e.g. use PGP, which is just like self-signed;
>
> when you achieve to get an S/MIME x509 certificate signed by a CA already in 
> the certstores for an OpenNIC email address, you are done;

yes, for S/MIME certificates, this might work - iff the official CA 
resolves opennic, too.

regards,
Erich

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAl7QKKYACgkQCu7JB1Xa
e1qWdhAArGKe1gCvSYdMyWZAI7TAV0qnr+nLMPmVd1xU19ecr28OX9V9MSWsAu2/
vzlGUFTWzuWFm9hz00odjL60si/0SCMX5m3TCxTDP/Tisy8/R4b7sX4LjitmvxW4
uDiCgzPnbQ35sChyJExtml0FbXAfwBfZCl8YZgrK2r9ATqp4WJIxHODGZE7EnMoy
m01kMeH5DutCEeRCsoppeTF56hw2WFlYR6eAhpbWSv/h52ALto9aP5kpTiH9YFth
BNamW5kYRikx2Q5NIoIA87tDA1Cm1GuY50oiEuudQ8HPkUd70KsMVgvPnVV/pG9X
5c4hNLASPLNNjQcsFZ6gWGgu1mt9121Ma6wET8R82J4xpUt9XzYJh7lwuePBlygG
W7KJag8bC3Xb8lzKbuVgtDGA906WhATLRlKTJgszo8wRyR8G93mzZPIkN9G1fGab
Pv2w5wxeWjXbs1DNWBoywAz6kVq6BkeDc8fP62MIv585AfS3qCqYwDXzFUxzNphR
f4EfSKCbL8Vce9CCoE4B/41v/ZuvW5K/Bx3ame6Ctbpc1h211ZOpWmP98rfNeAzx
2uGnFWSzACTV/3jBHYDLA+eYYY2wi9Rn5gfgm3y41y3mFy6/gZPWK9m4/bSDEOxE
4k+3/cIP5nhVcdGv2cLgBZZNhnh3w7+GTOMWwxe+/21O/mRKhF4=
=5J4s
-----END PGP SIGNATURE-----