I should have been clearer, the assertion is "this is my user's key".
The good news is that this should be observable by the user.
Sure, but once again you're no better off than if you got the key anywhere
else. I understand the argument for better key servers and maybe better
ways to discover key servers (a URI record should do it), but I don't
understand the argument for a whole new mechanism with new security,
scaling, and semantic problems.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.