I believe it would be a mistake to publish this document without having
it include a discussion of its relationship to RFC 4648. As far as I
can tell, the CERT record defined in RFC 4648 solves roughly the same
problem as OPENPGPKEY and CERT is already deployed with support in (for
example) GnuPG. I believe the community would benefit from sorting out
the relationship before publication, not after, when we would have two
RFCs describing solutions for what appears to be the same problem.
/Simon
The IESG <iesg-secretary(_at_)ietf(_dot_)org> writes:
The IESG has received a request from the DNS-based Authentication of
Named Entities WG (dane) to consider the following document:
- 'Using DANE to Associate OpenPGP public keys with email addresses'
<draft-ietf-dane-openpgpkey-05.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2015-09-11. Exceptionally, comments
may be sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.
Abstract
OpenPGP is a message format for email (and file) encryption that
lacks a standardized lookup mechanism to securely obtain OpenPGP
public keys. This document specifies a method for publishing and
locating OpenPGP public keys in DNS for a specific email address
using a new OPENPGPKEY DNS Resource Record. Security is provided via
DNSSEC.
The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/
IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/ballot/
No IPR declarations have been submitted directly on this I-D.