I'm sorry, this makes no sense. How is my MUA supposed to know about the
key of someone from whom I have not yet received a message? Based on
the arguments I've seen, the main point of a key lookup service is to enable
opportunistic encryption on the first message.
> My MUA knows my key. Your MUA knows your key. All that's missing is a way to
> have my MUA talk to yours.
Right. When you come up with a way for my MUA to fetch a key from your
MUA when you have never sent me a message, let us know.
In the meantime, I think you need a better argument against per-domain key
stores than "I don't trust them." The people from DANE are determined to
use per-domain stores, so it'd be a lot more useful to figure out how to
minimize the suckage than to yet again stick our fingers in our ears and
pretend we don't hear them.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime