ietf-smtp

Re: [ietf-smtp] Public Key Look Up

2021-05-11 06:48:48
On Sat 08/May/2021 19:26:02 +0200 John Levine wrote:
> It appears that John C Klensin  <john-ietf(_at_)jck(_dot_)com> said:
>> FWIW, also note that ideas of putting user or mailbox names (not
>> just host names) into the DNS to support a variety of things have
>> been around since the early design of the DNS.
>
> I'd forgotten about RFC 7929 which purports to put PGP keys
> in the DNS.  [...]
>
>> I want to stress that I don't think this is a terrible idea,
>> especially if it were used to retrieve keys for S/MIME or PGP
>> use rather than inventing yet another mechanism.
>
> I think it's a terrible idea both because it puts the keys in the wrong
> place and the reasons you gave, extensions are optional which means
> not implemented.


I'm not clear why a domain's MX would be the wrong place. A similar idea is to store the keys at a domain's well-known place, so as to get them via https. The draft also includes a mail-based protocol to update the web key directory.

https://datatracker.ietf.org/doc/html/draft-koch-openpgp-webkey-service


Best
Ale
--

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp