It's also conceivable that a company would offer users the ability to upload
their public key to the repository.
True, although if it's web mail you're going to need some impressively
complex Javascript to arrange so that the user can read the mail but the
provider can't.
you run the key lookup server, so you can apply whatever your
local-part equivalence rules are.
I generally agree, but I want to point out that while equivalence to
a canonical address with an associated key is sufficient to solve this problem,
it isn't necessary:
Oh, of course, sorry if that wasn't clear. You need a mapping from the
address to the key, not to a canonical anything.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp