ietf-smime

Re: [smime] Key lookup service via draft-bhjl-x509-srv-00

2016-03-24 16:13:20
>> I'm sorry, this makes no sense.  How is my MUA supposed to know about the
>> key of someone from whom I have not yet received a message?  Based on
>> the arguments I've seen, the main point of a key lookup service is to enable
>> opportunistic encryption on the first message.
>
> My MUA knows my key.  Your MUA knows your key.  All that's missing is a way to
> have my MUA talk to yours.

Right. When you come up with a way for my MUA to fetch a key from your MUA when you have never sent me a message, let us know.

In the meantime, I think you need a better argument against per-domain key stores than "I don't trust them." The people from DANE are determined to use per-domain stores, so it'd be a lot more useful to figure out how to minimize the suckage than to yet again stick our fingers in our ears and pretend we don't hear them.

Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
