[Users] domainkeys module
Klaus Darilion
klaus.mailinglists at pernau.at
Tue Nov 29 09:39:22 CET 2005
Yes and No. Of course the receiver needs to know the public key of the
sender to verifiy the signature. But there is no need to pre-share the
public keys, as they are published via DNS. The domain for fetching the
public key from DNS consists of the "selector" + "._domainky" + the
domain of the From: URI, e.g:
>dig 2005._domainkey.dk.labs.nic.at TXT
;; ANSWER SECTION:
2005._domainkey.dk.labs.nic.at. 3600 IN TXT "k=rsa\;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxALysT867uZ/ckWZpL6UTKt/7ZLPr1BkWIukU16egelXT8FYagoilfznoU2H
LcBQPzwIDAQAB"
regards
klaus
Daniel-Constantin Mierla wrote:
> Hi Klaus,
> would this approach require key exchange between the peering domains?
>
> Cheers,
> Daniel
>
>
> On 11/28/05 19:44, Klaus Darilion wrote:
>
>> Hi!
>>
>> I've just posted a domainkeys module on the tracker on sourceforge:
>> http://sourceforge.net/tracker/index.php?func=detail&aid=1368417&group_id=139143&atid=743022
>>
>>
>> This is a "proof-of-concept" and at the moment not a module for real
>> usage. Further, this is something which not standardized or documented
>> anywhere. It's just an experiment to use the domainkeys technology
>> (invented as anti-SPAM technology for emails) also with SIP.
>>
>> Following some snippets from the README file.
>>
>> If you would like to discuss this idea with me, you'r welcome.
>>
>> regards
>> klaus
>>
>>
>
>
More information about the sr-users
mailing list