On Tue, 11 May 2021, John C Klensin wrote:
I'm not clear why a domain's MX would be the wrong place. ..,
Well, if the keys were signed by entities I trusted, I wouldn't
be worried about what "authoritative source" means. And if they
weren't, not only would I not like that, but it would probably
turn the whole idea into theater rather than security.
Indeed. But if the keys include signatures, it doesn't matter where they
come from, so we're back to asking why nobody seems to use the key servers
that already exist.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp