Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] broken https on reg.libre

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] broken https on reg.libre


Chronological Thread  
  • From: "Walter H." <Walter.H AT mathemainzel.info>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] broken https on reg.libre
  • Date: Fri, 29 May 2020 17:27:05 +0200
  • Dkim-filter: OpenDKIM Filter v2.11.0 vhost01.ipv6help.de 223BF67AA7
  • Organization: Home

On 29.05.2020 16:31, Rouben wrote:
Hi all,

Interesting conversation! My apologies for the wall of text and for breaking the quote-thread.

First of all, congrats on setting up the ACME service prototype, I’ll give it a whirl and report back when I get the chance.

Second, with regards to email working on OpenNIC domains (which is a prerequisite for S/MIME),

a prerequisite not only for S/MIME;

I think the “parallel universe” issue boils down to the fact that we would need to pretty much start operating our own internal, OpenNIC email service that uses a standard ICANN TLD in order to talk to the rest of the world. A gateway between the parallel universes, if you will. :)

a workaround for solving a problem, which wouldn't exist without the parallel universe?

just the question: what was the origin goal of OpenNIC?

- free domains?
- something different?

I guess not really building up a parallel universe what it is in fact ;-)


The MTAs (mail servers) would need to maintain a database, ...

a little bit weired; don't you think just integrating the OpenNIC TLDs into the ICANN TLD system would solve this and all other problems, too? ;-)

think of your solution for email a layer deeper: in DNS

your solution has a horse leg;

e.g. the so called transfer TLD is .opennic and this is just added as TLD to opennic TLDs

you have the E-mail address   hugo AT boss.libre and want to get a S/MIME certificate for this

let me play the official CA for you; you send an E-mail to me e.g.   master AT opennicca.net

guess which E-mail I would really receive:

From: hugo AT boss.libre.opennic
To: master AT opennicca.net

guess which S/MIME certificate you will get from me?

not one for  hugo AT boss.libre, you will get one for hugo AT boss.libre.opennic

because it is only possible for me to validate hugo AT boss.libre.opennic

a good way for playing a little bit, but not a solution for the problem ...

it is not always good having a parallel universe ;-)

Walter


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature




Archive powered by MHonArc 2.6.19.

Top of Page