ietf

Re: [dane] PGP security models, was Summary of IETF LC for draft-ietf-dane-openpgpkey

2015-09-23 11:05:16
On Wed, 23 Sep 2015, John Levine wrote:

> I've been trying to figure out what this draft provides that the
> existing widely implemented PGP keyservers don't.  So far, it seems to
> be that in some cases it's easier to delete dead keys, although that
> makes some significant assumptions about how the provisioning systems
> work.
>
> We seem to agree that the security isn't very different: if the
> domain's management can run the DNS securely and truthfully represents
> its users' interests, DANE might be better, otherwise not.  Since the
> most plausible usage scenario is opportunistic encryption to
> recipients, it doesn't really matter where the keys come from.

Of course it does. I can upload a new and stronger key with keyid
johnl(_at_)taugh(_dot_)com to the keyservers and now you cannot read any email
people send you that is automatically encrypted to a key you don't own. You
can't trust the keyservers for the binding between keyid and email address.

Paul
