From 211dd4fb1f790a0678a78ce88fe6672d97565c64 Mon Sep 17 00:00:00 2001
From: Rohan Kumar <seirdy@seirdy.one>
Date: Thu, 20 Oct 2022 00:35:50 -0700
Subject: [PATCH] New note: privacyguides email

---
 content/notes/re-privacyguides-email-security.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 content/notes/re-privacyguides-email-security.md

diff --git a/content/notes/re-privacyguides-email-security.md b/content/notes/re-privacyguides-email-security.md
new file mode 100644
index 0000000..22ce19b
--- /dev/null
+++ b/content/notes/re-privacyguides-email-security.md
@@ -0,0 +1,16 @@
+---
+title: "Re: Privacy Guides email security"
+date: 2022-10-20T00:35:50-07:00
+replyURI: "https://www.privacyguides.org/basics/email-security/"
+replyTitle: "Email Security"
+replyType: "TechArticle"
+replyAuthor: "Privacy Guides"
+replyAuthorType: "Organization"
+replyAuthorURI: "https://www.privacyguides.org/"
+---
+Key management guides should also cover key distribution.
+
+Secure distribution happens over at least two bands with two different sources of trust. Having my own domain name lets me combining DANE (trust the DNS trust anchors) and Web Key Directory (trust the WebPKI and CA system). Clients can fetch keys both ways and ensure they match. Prospective senders may also request public keys over modern encrypted messengers.
+
+This guide covers the client side. Users need providers and name servers to adopt email security standards (DKIM, SPF, DMARC, ARC, DANE, MTA-STS).
+