Sorry -- I meant RFC 4398 and not RFC 4648!
I believe it would be a mistake to publish this document without having
it include a discussion of its relationship to RFC 4648. As far as I
can tell, the CERT record defined in RFC 4648 solves roughly the same
problem as OPENPGPKEY and CERT is already deployed with support in (for
example) GnuPG. I believe the community would benefit from sorting out
the relationship before publication, not after, when we would have two
RFCs describing solutions for what appears to be the same problem.
The IESG <iesg-secretary-EgrivxUAwEY(_at_)public(_dot_)gmane(_dot_)org>
The IESG has received a request from the DNS-based Authentication of
Named Entities WG (dane) to consider the following document:
- 'Using DANE to Associate OpenPGP public keys with email addresses'
<draft-ietf-dane-openpgpkey-05.txt> as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf-EgrivxUAwEY(_at_)public(_dot_)gmane(_dot_)org mailing lists by
2015-09-11. Exceptionally, comments may be
sent to iesg-EgrivxUAwEY(_at_)public(_dot_)gmane(_dot_)org instead. In
either case, please retain the
beginning of the Subject line to allow automated sorting.
OpenPGP is a message format for email (and file) encryption that
lacks a standardized lookup mechanism to securely obtain OpenPGP
public keys. This document specifies a method for publishing and
locating OpenPGP public keys in DNS for a specific email address
using a new OPENPGPKEY DNS Resource Record. Security is provided via
The file can be obtained via
IESG discussion can be tracked via
No IPR declarations have been submitted directly on this I-D.
dane mailing list
Description: PGP signature