Do you see any problems with introducing a new PKIX email address type to
support Unicode in email local part for Email-Address-Internationalization?
No new problems, although it makes the variant local part issue even more
obvious. I don't claim to be a Unicode expert but it seems clear to me
that for the mapping rules to be useful to non-technical users they have
to match offline conventions, which means that they depend on the user's
language. So for a large system like gmail, there's likely to be dozens
of different character mapping rules for different user languages, just as
there are dozens of different language options for the gmail web
The alternative is that for each mapping i.e. email address variant the
sender will need a different set of signing keys and certificates,
which they will have to distribute. Because these email address local
variations have become so ingrained, adopting PKIX for email address
authentication becomes burdensome to the point of killing off its feasibility.
S/MIME has been widely available for close to 20 years, implemented in
nearly all desktop MUAs, and the number of people who use it (other than
the ones whose employers demand it) still rounds to zero. PGP is no
better, despite the wide availability of public PGP key servers. I think
the poor match between the addresses in certs and the ones in real mail is
one of the reasons.
If you want to move ahead with this, it would be more productive to think
harder about how to improve PKIX to match mail practice than try to force
a billion mail users into the underdesigned PKIX address model since there
are a whole lot more mail users than S/MIME and PKIX certificate users.
It's not out of the question that SMTP servers could help, e.g., the
oracle to ask if two addresses are the same recipient.
It'd also be a big help to clarify what the problem is to be solved. Is it
to assert that mail with the address fred.smith@example.com is from an
actual person named Fred Smith, that encrypted mail will only be read by
that person, that today's mail with that address is from the same person
it was from yesterday, or something else?
ietf-smtp mailing list