Discuss mailing list

[Erich Eckner <opennic AT eckner.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

On Fri, 29 May 2020, Walter H. wrote:

> On 29.05.2020 16:31, Rouben wrote:
> > Hi all,
> >
> > Interesting conversation! My apologies for the wall of text and for 
> > breaking the quote-thread.
> >
> > First of all, congrats on setting up the ACME service prototype, I’ll give 
> > it a whirl and report back when I get the chance.
> >
> > Second, with regards to email working on OpenNIC domains (which is a 
> > prerequisite for S/MIME),
>
> a prerequisite not only for S/MIME;
>
> > I think the “parallel universe” issue boils down to the fact that we would 
> > need to pretty much start operating our own internal, OpenNIC email service 
> > that uses a standard ICANN TLD in order to talk to the rest of the world. A 
> > gateway between the parallel universes, if you will. :)
>
> a workaround for solving a problem, which wouldn't exist without the parallel 
> universe?
>
> just the question: what was the origin goal of OpenNIC?
>
> - free domains?

Yes, "free" like in freedom, I think. (and also gratis, as it turns out)

> - something different?

- - A playground for dns-wannabe-admins like me :-)
- - Independent dns roots.

> I guess not really building up a parallel universe what it is in fact ;-)

Right, if ICANN provided free (not to be confused with gratis) domains, 
the parallel universe would not be necessary. But since they don't (and 
probably never will), we are stuck with that.

> > The MTAs (mail servers) would need to maintain a database, ...
>
> a little bit weired; don't you think just integrating the OpenNIC TLDs into 
> the ICANN TLD system would solve this and all other problems, too? ;-)

<irony>
ok, you write to ICANN to propose including our tlds - maintained by us, 
as it is done currently.
</irony>

> think of your solution for email a layer deeper: in DNS
>
> your solution has a horse leg;
>
> e.g. the so called transfer TLD is .opennic and this is just added as TLD to 
> opennic TLDs
>
> you have the E-mail address   hugo AT boss.libre and want to get a S/MIME 
> certificate for this
>
> let me play the official CA for you; you send an E-mail to me e.g.   
> master AT opennicca.net
>
> guess which E-mail I would really receive:
>
> From: hugo AT boss.libre.opennic
> To: master AT opennicca.net
>
> guess which S/MIME certificate you will get from me?
>
> not one for  hugo AT boss.libre, you will get one for hugo AT boss.libre.opennic
>
> because it is only possible for me to validate hugo AT boss.libre.opennic
>
> a good way for playing a little bit, but not a solution for the problem ...

Every other protocoll-breaking way of communication will be broken, too:
Should I put mailto:erich AT super.geek or mailto:erich AT super.geek.opennic 
onto my website?

> it is not always good having a parallel universe ;-)

I agree, here. A parallel universe for email seems irreparable. OTOH, I 
consider email to be "free" - at least no one complained so far to me 
about any suspicious subjects I used (and I use them a lot).

> Walter

regards,
Erich

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE3p92iMrPBP64GmxZCu7JB1Xae1oFAl7RT5gACgkQCu7JB1Xa
e1plUQ//dNgeEMxg2V94zpDrpn7D4ljSkQAoPOcy/Plstqn6yAjwcHLHw6QuyHMM
O1tzuoOpZwjLyVJuyPm/cck9BmXLcDAOAajLE5iIPIrB5C4inVAtaRHVczJZ3aN2
aCaKSZcKI+S1dsNyT+WaXBGdEDkh00QM0Dhhk6Y74Zkn9B3yj5Hk0/aMA03dGxO0
+vLuRbGdNphkTxxlq1KNgBBMaFQIKI+FxIqFBJUV0/66VOSDCI1FouIVGLTLAXMm
gf7JgMjDgdb4V06WRDmGZ19aJsLvZHp7vxv4ZmSfVStyIgJ5VQgilQFdhmMdYbzS
uvBaMQ71jHi0Y2CjcCR31/cTXJN3fjohlhpI+kp3HJiPb1aMZYrd8WSeknq6Sbbx
2Em7mU1hwya3eRfQHGaEPtWNbD5LPtcV3/0sJUSAYwBASq5b0QbI81POFSoP0NKX
DO+rgWU85iwiXJyaN97ial6KvYv/jjiR+L8IgxaIy4f9IwMyThRPg98v0GIzisJ3
881RWzp93b51hTIpOQiE9BaChp1EeDlR/YDzwiOiGIhJgWtjLINI2YjwAOdXdQwk
y1xCxgoixLcX4HDqMv2+nelqmGs5KxUCka0fQ9+/bdwVORPdQKLiGK93oXO3ydez
1YbdbavxuJsYeHjMZS7f0HlDFlDaNGq64qAIxSMlSsiB0pzKgoE=
=M0xY
-----END PGP SIGNATURE-----